Podobnie jak poprzednim temacie - zrobiłam głupotę i mam tego wirusa( you wanna laugh? ---> filmik na youtube i wirus ściągnięty przez moją własną głupotę).
Czasem otwierają mi się inne strony poza FB a czasem komp nie nadaje się totalnie do użytku.
Mój problem jest taki, że jestem w tym wszystkim zielona trafiłam na to forum, ściągnęłam OMLa
i proszę o instrukcje, co dokładnie powinnam zrobić?
Proszę wytłumaczyć bardzo łopatologicznie...
Wirus z Facebooka.
-
daisy88
- Posty: 4
- Rejestracja: 22 sie 2011, 21:15
Wirus z Facebooka.
Ostatnio zmieniony 22 sie 2011, 21:58 przez XMan, łącznie zmieniany 1 raz.
Powód: korekta tytułu tematu, przeniosłem temat z działu Problemy --> Bezpieczeństwo.
Powód: korekta tytułu tematu, przeniosłem temat z działu Problemy --> Bezpieczeństwo.
-
djkamil09061991
- Posty: 8250
- Rejestracja: 18 lut 2009, 11:54
- Lokalizacja: Wrocław
- Kontaktowanie:
Wirus z Facebooka
Daj log z OTL według instrukcji:
http://www.hotfix.pl/obsluga-programu-otl-a143.htm
http://www.hotfix.pl/obsluga-programu-otl-a143.htm
Mój kanał YouTube - Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
-
daisy88
- Posty: 4
- Rejestracja: 22 sie 2011, 21:15
Wirus z facebook.
OTL
Dostępne tylko dla zarejestrowanych użytkowników
-- 22 sie 2011, 22:17 --
OTL Extras logfile created on: 2011-08-22 21:56:34 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 324,44 Mb Available Physical Memory | 31,98% Memory free
2,39 Gb Paging File | 1,84 Gb Available in Paging File | 77,05% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,10 Gb Free Space | 10,77% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Drive I: | 7,46 Gb Total Space | 2,38 Gb Free Space | 31,92% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE -- (Software 2000 Limited)
"C:\Documents and Settings\admin\Pulpit\Flash-Player.exe" = C:\Documents and Settings\admin\Pulpit\Flash-Player.exe:*:Enabled:C:\Documents and Settings\admin\Pulpit\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.3\svchost.exe" = C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe -- ()
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype? 3.8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}" = Terayon DOCSIS Modem
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bandoo" = Bandoo
"Budzik_is1" = Budzik 1.04
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Elecard AVC Streaming PlugIn for WMP 1.1.71114" = Elecard AVC Streaming PlugIn for WMP
"Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.5.71225" = Elecard MPEG-2 Decoder&Streaming Plug-in for WMP
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"Gadu-Gadu" = Gadu-Gadu 7.7
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Orb" = Winamp Remote
"PLAY ONLINE" = PLAY ONLINE
"PocketRAR" = Pocket RAR documentation
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Recuva" = Recuva
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Spotify" = Spotify
"SubEdit-Player_is1" = SubEdit-Player
"TOEFL Sample Questions" = TOEFL Sample Questions
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 2008-08-28 16:24:09 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-28 16:49:44 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-29 00:02:10 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2009-01-14 08:20:04 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 2011-08-21 06:52:17 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-21 06:52:59 | Computer Name = PPP-8163AC0F4B3 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca gg.exe, wersja 7.7.0.3746, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-08-21 07:20:14 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 10:00:31 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2344
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2344
Error - 2011-08-22 12:46:19 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:49:46 | Computer Name = PPP-8163AC0F4B3 | Source = MsiInstaller | ID = 11722
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 ? Błąd
1722. SA_Error1722: StandardAction(0xC00706BA): Wystąpił problem z tym pakietem
Instalatora Windows. Program uruchamiany jako część instalacji nie zakończył pracy
w oczekiwany sposób. Skontaktuj się z zespołem pomocy technicznej lub dostawcą
pakietu. Akcja RegisterTuneUp, położenie: C:\Program Files\AVG\AVG10\PCTuneup\MicroScanner.exe,
polecenie: -REGSERVER
Error - 2011-08-22 14:00:18 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
[ System Events ]
Error - 2011-08-19 14:42:34 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-20 08:21:36 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-21 15:06:43 | Computer Name = PPP-8163AC0F4B3 | Source = Service Control Manager | ID = 7034
Description = Usługa srvbtcclient niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.
Error - 2011-08-22 12:42:47 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:42:49 | Computer Name = | Source = DCOM | ID = 10021
Description = Deskryptor zabezpieczeń uruchamiania i aktywacji aplikacji serwera
COM z identyfikatorem klasy {8BC3F05E-D86B-11D0-A075-00C04FB68820} jest nieprawidłowy.
Zawiera wpisy kontroli dostępu z nieprawidłowymi uprawnieniami. Z tego powodu żądana
akcja nie została wykonana. To uprawnienie zabezpieczeń można poprawić przy użyciu
narzędzia administracyjnego usług składowych.
Error - 2011-08-22 12:44:41 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:44:57 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:53:23 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:17 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:32 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Dostępne tylko dla zarejestrowanych użytkowników
-- 22 sie 2011, 22:17 --
OTL Extras logfile created on: 2011-08-22 21:56:34 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 324,44 Mb Available Physical Memory | 31,98% Memory free
2,39 Gb Paging File | 1,84 Gb Available in Paging File | 77,05% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,10 Gb Free Space | 10,77% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Drive I: | 7,46 Gb Total Space | 2,38 Gb Free Space | 31,92% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE -- (Software 2000 Limited)
"C:\Documents and Settings\admin\Pulpit\Flash-Player.exe" = C:\Documents and Settings\admin\Pulpit\Flash-Player.exe:*:Enabled:C:\Documents and Settings\admin\Pulpit\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.3\svchost.exe" = C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe -- ()
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype? 3.8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}" = Terayon DOCSIS Modem
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bandoo" = Bandoo
"Budzik_is1" = Budzik 1.04
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Elecard AVC Streaming PlugIn for WMP 1.1.71114" = Elecard AVC Streaming PlugIn for WMP
"Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.5.71225" = Elecard MPEG-2 Decoder&Streaming Plug-in for WMP
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"Gadu-Gadu" = Gadu-Gadu 7.7
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Orb" = Winamp Remote
"PLAY ONLINE" = PLAY ONLINE
"PocketRAR" = Pocket RAR documentation
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Recuva" = Recuva
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Spotify" = Spotify
"SubEdit-Player_is1" = SubEdit-Player
"TOEFL Sample Questions" = TOEFL Sample Questions
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 2008-08-28 16:24:09 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-28 16:49:44 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-29 00:02:10 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2009-01-14 08:20:04 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 2011-08-21 06:52:17 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-21 06:52:59 | Computer Name = PPP-8163AC0F4B3 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca gg.exe, wersja 7.7.0.3746, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-08-21 07:20:14 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 10:00:31 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2344
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2344
Error - 2011-08-22 12:46:19 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:49:46 | Computer Name = PPP-8163AC0F4B3 | Source = MsiInstaller | ID = 11722
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 ? Błąd
1722. SA_Error1722: StandardAction(0xC00706BA): Wystąpił problem z tym pakietem
Instalatora Windows. Program uruchamiany jako część instalacji nie zakończył pracy
w oczekiwany sposób. Skontaktuj się z zespołem pomocy technicznej lub dostawcą
pakietu. Akcja RegisterTuneUp, położenie: C:\Program Files\AVG\AVG10\PCTuneup\MicroScanner.exe,
polecenie: -REGSERVER
Error - 2011-08-22 14:00:18 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
[ System Events ]
Error - 2011-08-19 14:42:34 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-20 08:21:36 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-21 15:06:43 | Computer Name = PPP-8163AC0F4B3 | Source = Service Control Manager | ID = 7034
Description = Usługa srvbtcclient niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.
Error - 2011-08-22 12:42:47 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:42:49 | Computer Name = | Source = DCOM | ID = 10021
Description = Deskryptor zabezpieczeń uruchamiania i aktywacji aplikacji serwera
COM z identyfikatorem klasy {8BC3F05E-D86B-11D0-A075-00C04FB68820} jest nieprawidłowy.
Zawiera wpisy kontroli dostępu z nieprawidłowymi uprawnieniami. Z tego powodu żądana
akcja nie została wykonana. To uprawnienie zabezpieczeń można poprawić przy użyciu
narzędzia administracyjnego usług składowych.
Error - 2011-08-22 12:44:41 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:44:57 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:53:23 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:17 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:32 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
-
djkamil09061991
- Posty: 8250
- Rejestracja: 18 lut 2009, 11:54
- Lokalizacja: Wrocław
- Kontaktowanie:
Wirus z Facebooka.
Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:
Uruchom to poprzez Wykonaj skrypt i zatwierdź restart.
Po restarcie wykonaj nowy zestaw logów OTL oraz pokaż raport z usuwania OTL powstały po wykonaniu powyższego skryptu.
:OTL
MOD - [2011-08-22 15:47:33 | 000,137,728 | ---- | M] () -- C:\WINDOWS\systemup.exe
MOD - [2011-08-21 21:06:39 | 000,355,840 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
MOD - [2011-08-21 14:29:28 | 000,634,880 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
MOD - [2011-08-19 14:30:47 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2011-08-18 19:18:49 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
MOD - [2011-08-18 19:10:00 | 000,258,048 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
MOD - [2011-08-18 18:55:15 | 001,208,832 | -H-- | M] () -- C:\WINDOWS\update.tray-7-0\svchost.exe
MOD - [2011-08-18 18:55:15 | 001,208,832 | -H-- | M] () -- C:\WINDOWS\update.tray-12-0\svchost.exe
MOD - [2011-08-18 18:55:15 | 001,208,832 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
SRV - [2011-08-21 21:06:39 | 000,355,840 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011-08-21 14:29:28 | 000,634,880 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011-08-19 14:30:47 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011-08-18 19:10:00 | 000,258,048 | ---- | M] () [Auto | Running] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011-08-18 18:55:15 | 001,208,832 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [6211523.exe] C:\WINDOWS\TEMP\6211523.exe ()
O4 - HKLM..\Run: [7784930.exe] C:\WINDOWS\TEMP\7784930.exe ()
O4 - HKLM..\Run: [92569627-loader2.exe] C:\WINDOWS\TEMP\92569627-loader2.exe ()
O4 - HKLM..\Run: [9480731.exe] C:\WINDOWS\TEMP\9480731.exe ()
O4 - HKLM..\Run: [avast!] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-12-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [TrayServer] File not found
O4 - HKLM..\Run: [w_distrib.exe] C:\WINDOWS\update.3\svchost.exe ()
O4 - HKLM..\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\RunOnce: [!SearchquDSFF] C:\Documents and Settings\admin\Ustawienia lokalne\temp\SRAssetsHelper.dll ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\RunOnce: [!SearchquFFHP] C:\Documents and Settings\admin\Ustawienia lokalne\temp\installhelper.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O31 - SafeBoot: AlternateShell - services32.exe
O32 - AutoRun File - [2011-07-27 20:29:53 | 000,000,167 | -HS- | M] () - I:\AutoRun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
[2011-08-22 18:42:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-12-0-lnk
[2011-08-22 18:42:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-12-0
[2011-08-19 14:30:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011-08-18 19:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011-08-18 19:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011-08-18 19:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011-08-18 19:17:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011-08-18 19:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\WinRAR
[2011-08-18 19:14:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.3
[2011-08-18 19:14:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011-08-18 19:12:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011-08-18 19:08:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011-08-18 19:07:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011-08-18 19:07:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2011-08-22 20:09:15 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hîsts
[2011-08-22 15:47:35 | 000,000,224 | ---- | M] () -- C:\WINDOWS\info1
[2011-08-22 15:47:33 | 000,137,728 | ---- | M] () -- C:\WINDOWS\systemup.exe
[2011-08-20 14:51:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-18 19:20:41 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011-08-18 19:20:41 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011-08-18 19:20:24 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011-08-18 19:20:24 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011-08-18 19:20:23 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011-08-18 19:18:49 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011-08-18 19:10:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011-08-18 19:10:00 | 000,258,048 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011-08-18 19:10:00 | 000,258,048 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011-08-18 18:55:15 | 001,208,832 | ---- | M] () -- C:\WINDOWS\services32.exe
[2011-08-18 19:16:37 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\admin\Pulpit\Flash-Player.exe"=-
"C:\WINDOWS\update.1\svchost.exe"=-
"C:\WINDOWS\services32.exe"=-
"C:\WINDOWS\update.2\svchost.exe"=-
"C:\WINDOWS\update.3\svchost.exe"=-
:Commands
[emptyflash]
[resethosts]
[emptytemp]
Uruchom to poprzez Wykonaj skrypt i zatwierdź restart.
Po restarcie wykonaj nowy zestaw logów OTL oraz pokaż raport z usuwania OTL powstały po wykonaniu powyższego skryptu.
Mój kanał YouTube - Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
-
daisy88
- Posty: 4
- Rejestracja: 22 sie 2011, 21:15
Wirus z Facebooka.
jak sądzę raport z usuwania:
All processes killed
========== OTL ==========
Service srvbtcclient stopped successfully!
Service srvbtcclient deleted successfully!
C:\WINDOWS\update.5.0\svchost.exe moved successfully.
Service srviecheck stopped successfully!
Service srviecheck deleted successfully!
C:\WINDOWS\update.2\svchost.exe moved successfully.
Service ddservice stopped successfully!
Service ddservice deleted successfully!
C:\WINDOWS\update.7.1\svchostdriver.exe moved successfully.
Service srvsysdriver32 stopped successfully!
Service srvsysdriver32 deleted successfully!
C:\WINDOWS\sysdriver32.exe moved successfully.
Service wxpdrivers stopped successfully!
Service wxpdrivers deleted successfully!
C:\WINDOWS\update.1\svchost.exe moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6211523.exe deleted successfully.
C:\WINDOWS\Temp\6211523.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7784930.exe deleted successfully.
C:\WINDOWS\Temp\7784930.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\92569627-loader2.exe deleted successfully.
C:\WINDOWS\Temp\92569627-loader2.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9480731.exe deleted successfully.
C:\WINDOWS\Temp\9480731.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast! deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe deleted successfully.
C:\WINDOWS\l1rezerv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.
File C:\WINDOWS\sysdriver32.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.
C:\WINDOWS\sysdriver32_.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systemup deleted successfully.
C:\WINDOWS\systemup.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 deleted successfully.
C:\WINDOWS\update.tray-7-0\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.
C:\WINDOWS\update.tray-12-0\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrayServer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\w_distrib.exe deleted successfully.
C:\WINDOWS\update.3\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.
C:\WINDOWS\services32.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!SearchquDSFF deleted successfully.
C:\Documents and Settings\admin\Ustawienia lokalne\temp\SRAssetsHelper.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!SearchquFFHP deleted successfully.
C:\Documents and Settings\admin\Ustawienia lokalne\temp\installhelper.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
I:\AutoRun.inf moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart deleted successfully.
C:\WINDOWS\update.tray-12-0-lnk folder moved successfully.
C:\WINDOWS\update.tray-12-0 folder moved successfully.
C:\WINDOWS\update.7.1 folder moved successfully.
C:\WINDOWS\ufa folder moved successfully.
C:\WINDOWS\rpcminer folder moved successfully.
C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.
C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.
C:\WINDOWS\phoenix\kernels folder moved successfully.
C:\WINDOWS\phoenix folder moved successfully.
C:\WINDOWS\update.5.0 folder moved successfully.
C:\Documents and Settings\LocalService\Dane aplikacji\WinRAR folder moved successfully.
C:\WINDOWS\update.3 folder moved successfully.
C:\WINDOWS\update.2 folder moved successfully.
C:\WINDOWS\av_ico folder moved successfully.
C:\WINDOWS\update.1 folder moved successfully.
C:\WINDOWS\update.tray-7-0-lnk folder moved successfully.
C:\WINDOWS\update.tray-7-0 folder moved successfully.
C:\WINDOWS\system32\drivers\etc\hîsts moved successfully.
C:\WINDOWS\info1 moved successfully.
File C:\WINDOWS\systemup.exe not found.
C:\WINDOWS\system32\wpa.dbl moved successfully.
C:\WINDOWS\geoiplist.rar moved successfully.
C:\WINDOWS\unrar.exe moved successfully.
C:\WINDOWS\phoenix.rar moved successfully.
C:\WINDOWS\ufa.rar moved successfully.
C:\WINDOWS\rpcminer.rar moved successfully.
File C:\WINDOWS\l1rezerv.exe not found.
C:\WINDOWS\loader2.exe_ok moved successfully.
File C:\WINDOWS\sysdriver32_.exe not found.
File C:\WINDOWS\sysdriver32.exe not found.
File C:\WINDOWS\services32.exe not found.
C:\WINDOWS\geoiplist moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: admin
->Flash cache emptied: 81564 bytes
User: All Users
User: Default User
->Flash cache emptied: 41 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: admin
->Temp folder emptied: 478158261 bytes
->Temporary Internet Files folder emptied: 584121453 bytes
->Java cache emptied: 3230244 bytes
->FireFox cache emptied: 51980508 bytes
->Google Chrome cache emptied: 6127209 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1630690 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2202960 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134112 bytes
%systemroot%\System32 .tmp files removed: 58404 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19134083 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 096,00 mb
OTL by OldTimer - Version 3.2.26.5 log created on 08222011_222347
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-- 22 sie 2011, 22:36 --
OTL logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011-08-09 20:06:05 | 001,599,376 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2010-03-31 22:42:38 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-02-03 04:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2005-11-17 14:18:52 | 001,527,900 | ---- | M] (MAGIX?) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - [2009-12-19 20:22:01 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009-05-25 11:49:10 | 000,086,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009-05-25 11:49:08 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009-05-25 11:49:08 | 000,109,480 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009-05-25 11:49:08 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009-05-25 11:49:08 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009-05-25 11:49:08 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009-05-25 11:49:08 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2008-05-16 01:15:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-03-17 11:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-10-19 10:29:22 | 000,161,792 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-05-30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-01-25 05:44:06 | 000,290,304 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-12-23 02:56:44 | 000,988,800 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-12-23 02:56:00 | 000,209,664 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-12-23 02:55:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-10-13 07:28:42 | 000,604,928 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-01-17 12:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-03 10:16:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com [2011-08-22 20:44:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\admin\Dane aplikacji\IDM\idmmzcc3
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions
[2011-08-22 20:41:55 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011-02-01 14:36:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-08-22 20:44:28 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com
[2011-05-01 21:21:44 | 000,002,387 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\askcom.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\SearchResults.xml
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006-01-17 20:32:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2006-01-17 20:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2006-01-17 20:32:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-09-30 08:32:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-09-30 08:32:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-09-30 08:32:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-09-30 08:32:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2009-09-30 08:32:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-09-30 08:32:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2011-08-22 22:24:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Dostępne tylko dla zarejestrowanych użytkowników (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\datamngr.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\iebho.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-25 14:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:23:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-22 20:47:29 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Ilivid Player
[2011-08-22 20:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bandoo
[2011-08-22 20:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011-08-22 20:42:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 20:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iLivid
[2011-08-22 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011-08-22 20:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 20:41:52 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-08-22 20:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011-08-22 20:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-08-22 20:41:15 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programy\HiJackThis
[2011-08-22 18:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-08-22 18:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:56 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-08-22 18:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-08-22 18:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-08-22 18:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-08-20 16:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2011-08-18 12:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\rys
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:26:26 | 000,000,031 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-08-22 22:26:05 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-22 22:25:59 | 000,002,126 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 22:25:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-22 22:24:29 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-08-22 22:07:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-22 20:51:10 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:17 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:41:57 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:23 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:00:14 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2011-08-22 19:10:26 | 000,000,331 | ---- | M] () -- C:\boot.ini
[2011-08-22 18:29:43 | 000,001,027 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-18 18:49:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-08-17 22:56:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-08-17 20:40:41 | 000,380,040 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:14:10 | 003,895,707 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-05 05:31:58 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-08-05 05:31:58 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-08-05 05:31:58 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-08-05 05:31:58 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-08-04 18:13:48 | 000,173,143 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:01:02 | 001,100,796 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:37 | 000,170,207 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-22 22:25:58 | 000,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 20:45:17 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:16:25 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 18:29:43 | 000,001,027 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-17 20:40:41 | 000,380,040 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:13:57 | 003,895,707 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-04 18:13:48 | 000,173,143 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:00:53 | 001,100,796 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:33 | 000,170,207 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[2011-05-30 15:01:38 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-05-30 15:01:15 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011-05-12 12:39:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-02-09 23:24:45 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo.dll
[2011-02-09 23:24:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-06-23 11:00:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-22 22:09:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2010-04-08 16:05:53 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\AVSMediaPlayer.m3u
[2010-04-08 15:56:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-01-20 16:55:44 | 000,000,031 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2010-01-14 19:25:58 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-06-22 12:37:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-04-03 00:35:06 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2008-09-04 17:49:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-07-07 23:31:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-06-27 18:29:58 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-06-27 18:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-06-25 16:18:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-06-25 16:16:38 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-06-25 16:12:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-25 16:12:19 | 000,212,480 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-06-25 15:43:51 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-06-25 14:52:19 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008-06-25 14:52:15 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008-06-25 14:33:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-06-25 14:27:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006-01-17 12:29:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2006-01-17 12:29:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2006-01-17 12:29:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2006-01-17 12:29:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2006-01-17 12:29:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002-10-05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001-10-26 18:15:16 | 000,436,560 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,067,496 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,380,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,053,098 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2009-02-09 00:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\BESTplayer
[2011-05-10 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DMCache
[2008-06-28 14:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2009-12-31 02:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2011-05-12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IDM
[2009-10-16 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ipla
[2009-06-24 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\LG Electronics
[2011-05-30 15:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\MAGIX
[2011-08-22 20:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 18:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Spotify
[2011-03-07 21:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TS3Client
[2011-02-06 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2011-08-22 20:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2009-06-19 20:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-05-30 19:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2011-08-22 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2008-06-27 18:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-01-20 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
[2010-11-02 15:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-10-07 20:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011-08-22 20:42:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
< End of report >
-- 22 sie 2011, 22:36 --
OTL logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011-08-09 20:06:05 | 001,599,376 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2010-03-31 22:42:38 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-02-03 04:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2005-11-17 14:18:52 | 001,527,900 | ---- | M] (MAGIX?) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - [2009-12-19 20:22:01 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009-05-25 11:49:10 | 000,086,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009-05-25 11:49:08 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009-05-25 11:49:08 | 000,109,480 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009-05-25 11:49:08 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009-05-25 11:49:08 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009-05-25 11:49:08 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009-05-25 11:49:08 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2008-05-16 01:15:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-03-17 11:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-10-19 10:29:22 | 000,161,792 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-05-30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-01-25 05:44:06 | 000,290,304 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-12-23 02:56:44 | 000,988,800 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-12-23 02:56:00 | 000,209,664 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-12-23 02:55:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-10-13 07:28:42 | 000,604,928 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-01-17 12:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-03 10:16:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com [2011-08-22 20:44:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\admin\Dane aplikacji\IDM\idmmzcc3
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions
[2011-08-22 20:41:55 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011-02-01 14:36:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-08-22 20:44:28 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com
[2011-05-01 21:21:44 | 000,002,387 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\askcom.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\SearchResults.xml
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006-01-17 20:32:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2006-01-17 20:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2006-01-17 20:32:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-09-30 08:32:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-09-30 08:32:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-09-30 08:32:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-09-30 08:32:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2009-09-30 08:32:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-09-30 08:32:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2011-08-22 22:24:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Dostępne tylko dla zarejestrowanych użytkowników (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\datamngr.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\iebho.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-25 14:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:23:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-22 20:47:29 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Ilivid Player
[2011-08-22 20:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bandoo
[2011-08-22 20:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011-08-22 20:42:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 20:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iLivid
[2011-08-22 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011-08-22 20:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 20:41:52 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-08-22 20:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011-08-22 20:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-08-22 20:41:15 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programy\HiJackThis
[2011-08-22 18:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-08-22 18:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:56 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-08-22 18:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-08-22 18:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-08-22 18:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-08-20 16:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2011-08-18 12:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\rys
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:26:26 | 000,000,031 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-08-22 22:26:05 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-22 22:25:59 | 000,002,126 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 22:25:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-22 22:24:29 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-08-22 22:07:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-22 20:51:10 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:17 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:41:57 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:23 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:00:14 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2011-08-22 19:10:26 | 000,000,331 | ---- | M] () -- C:\boot.ini
[2011-08-22 18:29:43 | 000,001,027 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-18 18:49:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-08-17 22:56:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-08-17 20:40:41 | 000,380,040 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:14:10 | 003,895,707 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-05 05:31:58 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-08-05 05:31:58 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-08-05 05:31:58 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-08-05 05:31:58 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-08-04 18:13:48 | 000,173,143 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:01:02 | 001,100,796 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:37 | 000,170,207 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-22 22:25:58 | 000,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 20:45:17 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:16:25 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 18:29:43 | 000,001,027 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-17 20:40:41 | 000,380,040 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:13:57 | 003,895,707 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-04 18:13:48 | 000,173,143 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:00:53 | 001,100,796 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:33 | 000,170,207 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[2011-05-30 15:01:38 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-05-30 15:01:15 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011-05-12 12:39:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-02-09 23:24:45 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo.dll
[2011-02-09 23:24:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-06-23 11:00:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-22 22:09:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2010-04-08 16:05:53 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\AVSMediaPlayer.m3u
[2010-04-08 15:56:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-01-20 16:55:44 | 000,000,031 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2010-01-14 19:25:58 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-06-22 12:37:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-04-03 00:35:06 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2008-09-04 17:49:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-07-07 23:31:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-06-27 18:29:58 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-06-27 18:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-06-25 16:18:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-06-25 16:16:38 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-06-25 16:12:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-25 16:12:19 | 000,212,480 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-06-25 15:43:51 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-06-25 14:52:19 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008-06-25 14:52:15 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008-06-25 14:33:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-06-25 14:27:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006-01-17 12:29:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2006-01-17 12:29:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2006-01-17 12:29:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2006-01-17 12:29:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2006-01-17 12:29:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002-10-05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001-10-26 18:15:16 | 000,436,560 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,067,496 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,380,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,053,098 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2009-02-09 00:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\BESTplayer
[2011-05-10 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DMCache
[2008-06-28 14:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2009-12-31 02:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2011-05-12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IDM
[2009-10-16 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ipla
[2009-06-24 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\LG Electronics
[2011-05-30 15:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\MAGIX
[2011-08-22 20:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 18:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Spotify
[2011-03-07 21:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TS3Client
[2011-02-06 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2011-08-22 20:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2009-06-19 20:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-05-30 19:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2011-08-22 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2008-06-27 18:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-01-20 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
[2010-11-02 15:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-10-07 20:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011-08-22 20:42:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
< End of report >
-- 22 sie 2011, 22:39 --
przepraszam, 2 razy to samo
teraz Extras.txt:
OTL Extras logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE -- (Software 2000 Limited)
"C:\Documents and Settings\admin\Pulpit\Flash-Player.exe" = C:\Documents and Settings\admin\Pulpit\Flash-Player.exe:*:Enabled:C:\Documents and Settings\admin\Pulpit\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe
"C:\WINDOWS\update.3\svchost.exe" = C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype? 3.8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}" = Terayon DOCSIS Modem
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bandoo" = Bandoo
"Budzik_is1" = Budzik 1.04
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Elecard AVC Streaming PlugIn for WMP 1.1.71114" = Elecard AVC Streaming PlugIn for WMP
"Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.5.71225" = Elecard MPEG-2 Decoder&Streaming Plug-in for WMP
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"Gadu-Gadu" = Gadu-Gadu 7.7
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Orb" = Winamp Remote
"PLAY ONLINE" = PLAY ONLINE
"PocketRAR" = Pocket RAR documentation
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Recuva" = Recuva
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Spotify" = Spotify
"SubEdit-Player_is1" = SubEdit-Player
"TOEFL Sample Questions" = TOEFL Sample Questions
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 2008-08-28 16:24:09 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-28 16:49:44 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-29 00:02:10 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2009-01-14 08:20:04 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 2011-08-22 10:00:31 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2344
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2344
Error - 2011-08-22 12:46:19 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:49:46 | Computer Name = PPP-8163AC0F4B3 | Source = MsiInstaller | ID = 11722
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 ? Błąd
1722. SA_Error1722: StandardAction(0xC00706BA): Wystąpił problem z tym pakietem
Instalatora Windows. Program uruchamiany jako część instalacji nie zakończył pracy
w oczekiwany sposób. Skontaktuj się z zespołem pomocy technicznej lub dostawcą
pakietu. Akcja RegisterTuneUp, położenie: C:\Program Files\AVG\AVG10\PCTuneup\MicroScanner.exe,
polecenie: -REGSERVER
Error - 2011-08-22 14:00:18 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 16:24:50 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to 800706BA z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 16:24:50 | Computer Name = PPP-8163AC0F4B3 | Source = VSS | ID = 8193
Description = Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas
wywoływania procedury CoCreateInstance. hr = 0x80040206.
Error - 2011-08-22 16:25:59 | Computer Name = PPP-8163AC0F4B3 | Source = Windows Product Activation | ID = 1010
Description = Licencja systemu Windows została przywrócona z powodu błędu systemowego.
Może być potrzebne ponowne przeprowadzenie aktywacji tego produktu Windows.
[ System Events ]
Error - 2011-08-19 14:42:34 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-20 08:21:36 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-21 15:06:43 | Computer Name = PPP-8163AC0F4B3 | Source = Service Control Manager | ID = 7034
Description = Usługa srvbtcclient niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.
Error - 2011-08-22 12:42:47 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:42:49 | Computer Name = | Source = DCOM | ID = 10021
Description = Deskryptor zabezpieczeń uruchamiania i aktywacji aplikacji serwera
COM z identyfikatorem klasy {8BC3F05E-D86B-11D0-A075-00C04FB68820} jest nieprawidłowy.
Zawiera wpisy kontroli dostępu z nieprawidłowymi uprawnieniami. Z tego powodu żądana
akcja nie została wykonana. To uprawnienie zabezpieczeń można poprawić przy użyciu
narzędzia administracyjnego usług składowych.
Error - 2011-08-22 12:44:41 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:44:57 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:53:23 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:17 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:32 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
All processes killed
========== OTL ==========
Service srvbtcclient stopped successfully!
Service srvbtcclient deleted successfully!
C:\WINDOWS\update.5.0\svchost.exe moved successfully.
Service srviecheck stopped successfully!
Service srviecheck deleted successfully!
C:\WINDOWS\update.2\svchost.exe moved successfully.
Service ddservice stopped successfully!
Service ddservice deleted successfully!
C:\WINDOWS\update.7.1\svchostdriver.exe moved successfully.
Service srvsysdriver32 stopped successfully!
Service srvsysdriver32 deleted successfully!
C:\WINDOWS\sysdriver32.exe moved successfully.
Service wxpdrivers stopped successfully!
Service wxpdrivers deleted successfully!
C:\WINDOWS\update.1\svchost.exe moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6211523.exe deleted successfully.
C:\WINDOWS\Temp\6211523.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7784930.exe deleted successfully.
C:\WINDOWS\Temp\7784930.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\92569627-loader2.exe deleted successfully.
C:\WINDOWS\Temp\92569627-loader2.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9480731.exe deleted successfully.
C:\WINDOWS\Temp\9480731.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast! deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe deleted successfully.
C:\WINDOWS\l1rezerv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.
File C:\WINDOWS\sysdriver32.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.
C:\WINDOWS\sysdriver32_.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systemup deleted successfully.
C:\WINDOWS\systemup.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 deleted successfully.
C:\WINDOWS\update.tray-7-0\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.
C:\WINDOWS\update.tray-12-0\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrayServer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\w_distrib.exe deleted successfully.
C:\WINDOWS\update.3\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.
C:\WINDOWS\services32.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!SearchquDSFF deleted successfully.
C:\Documents and Settings\admin\Ustawienia lokalne\temp\SRAssetsHelper.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!SearchquFFHP deleted successfully.
C:\Documents and Settings\admin\Ustawienia lokalne\temp\installhelper.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
I:\AutoRun.inf moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart deleted successfully.
C:\WINDOWS\update.tray-12-0-lnk folder moved successfully.
C:\WINDOWS\update.tray-12-0 folder moved successfully.
C:\WINDOWS\update.7.1 folder moved successfully.
C:\WINDOWS\ufa folder moved successfully.
C:\WINDOWS\rpcminer folder moved successfully.
C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.
C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.
C:\WINDOWS\phoenix\kernels folder moved successfully.
C:\WINDOWS\phoenix folder moved successfully.
C:\WINDOWS\update.5.0 folder moved successfully.
C:\Documents and Settings\LocalService\Dane aplikacji\WinRAR folder moved successfully.
C:\WINDOWS\update.3 folder moved successfully.
C:\WINDOWS\update.2 folder moved successfully.
C:\WINDOWS\av_ico folder moved successfully.
C:\WINDOWS\update.1 folder moved successfully.
C:\WINDOWS\update.tray-7-0-lnk folder moved successfully.
C:\WINDOWS\update.tray-7-0 folder moved successfully.
C:\WINDOWS\system32\drivers\etc\hîsts moved successfully.
C:\WINDOWS\info1 moved successfully.
File C:\WINDOWS\systemup.exe not found.
C:\WINDOWS\system32\wpa.dbl moved successfully.
C:\WINDOWS\geoiplist.rar moved successfully.
C:\WINDOWS\unrar.exe moved successfully.
C:\WINDOWS\phoenix.rar moved successfully.
C:\WINDOWS\ufa.rar moved successfully.
C:\WINDOWS\rpcminer.rar moved successfully.
File C:\WINDOWS\l1rezerv.exe not found.
C:\WINDOWS\loader2.exe_ok moved successfully.
File C:\WINDOWS\sysdriver32_.exe not found.
File C:\WINDOWS\sysdriver32.exe not found.
File C:\WINDOWS\services32.exe not found.
C:\WINDOWS\geoiplist moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: admin
->Flash cache emptied: 81564 bytes
User: All Users
User: Default User
->Flash cache emptied: 41 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: admin
->Temp folder emptied: 478158261 bytes
->Temporary Internet Files folder emptied: 584121453 bytes
->Java cache emptied: 3230244 bytes
->FireFox cache emptied: 51980508 bytes
->Google Chrome cache emptied: 6127209 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1630690 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2202960 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134112 bytes
%systemroot%\System32 .tmp files removed: 58404 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19134083 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 096,00 mb
OTL by OldTimer - Version 3.2.26.5 log created on 08222011_222347
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-- 22 sie 2011, 22:36 --
OTL logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011-08-09 20:06:05 | 001,599,376 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2010-03-31 22:42:38 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-02-03 04:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2005-11-17 14:18:52 | 001,527,900 | ---- | M] (MAGIX?) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - [2009-12-19 20:22:01 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009-05-25 11:49:10 | 000,086,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009-05-25 11:49:08 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009-05-25 11:49:08 | 000,109,480 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009-05-25 11:49:08 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009-05-25 11:49:08 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009-05-25 11:49:08 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009-05-25 11:49:08 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2008-05-16 01:15:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-03-17 11:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-10-19 10:29:22 | 000,161,792 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-05-30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-01-25 05:44:06 | 000,290,304 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-12-23 02:56:44 | 000,988,800 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-12-23 02:56:00 | 000,209,664 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-12-23 02:55:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-10-13 07:28:42 | 000,604,928 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-01-17 12:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-03 10:16:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com [2011-08-22 20:44:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\admin\Dane aplikacji\IDM\idmmzcc3
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions
[2011-08-22 20:41:55 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011-02-01 14:36:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-08-22 20:44:28 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com
[2011-05-01 21:21:44 | 000,002,387 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\askcom.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\SearchResults.xml
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006-01-17 20:32:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2006-01-17 20:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2006-01-17 20:32:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-09-30 08:32:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-09-30 08:32:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-09-30 08:32:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-09-30 08:32:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2009-09-30 08:32:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-09-30 08:32:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2011-08-22 22:24:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Dostępne tylko dla zarejestrowanych użytkowników (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\datamngr.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\iebho.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-25 14:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:23:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-22 20:47:29 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Ilivid Player
[2011-08-22 20:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bandoo
[2011-08-22 20:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011-08-22 20:42:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 20:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iLivid
[2011-08-22 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011-08-22 20:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 20:41:52 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-08-22 20:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011-08-22 20:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-08-22 20:41:15 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programy\HiJackThis
[2011-08-22 18:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-08-22 18:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:56 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-08-22 18:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-08-22 18:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-08-22 18:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-08-20 16:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2011-08-18 12:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\rys
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:26:26 | 000,000,031 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-08-22 22:26:05 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-22 22:25:59 | 000,002,126 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 22:25:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-22 22:24:29 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-08-22 22:07:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-22 20:51:10 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:17 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:41:57 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:23 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:00:14 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2011-08-22 19:10:26 | 000,000,331 | ---- | M] () -- C:\boot.ini
[2011-08-22 18:29:43 | 000,001,027 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-18 18:49:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-08-17 22:56:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-08-17 20:40:41 | 000,380,040 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:14:10 | 003,895,707 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-05 05:31:58 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-08-05 05:31:58 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-08-05 05:31:58 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-08-05 05:31:58 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-08-04 18:13:48 | 000,173,143 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:01:02 | 001,100,796 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:37 | 000,170,207 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-22 22:25:58 | 000,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 20:45:17 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:16:25 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 18:29:43 | 000,001,027 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-17 20:40:41 | 000,380,040 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:13:57 | 003,895,707 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-04 18:13:48 | 000,173,143 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:00:53 | 001,100,796 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:33 | 000,170,207 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[2011-05-30 15:01:38 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-05-30 15:01:15 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011-05-12 12:39:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-02-09 23:24:45 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo.dll
[2011-02-09 23:24:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-06-23 11:00:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-22 22:09:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2010-04-08 16:05:53 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\AVSMediaPlayer.m3u
[2010-04-08 15:56:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-01-20 16:55:44 | 000,000,031 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2010-01-14 19:25:58 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-06-22 12:37:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-04-03 00:35:06 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2008-09-04 17:49:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-07-07 23:31:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-06-27 18:29:58 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-06-27 18:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-06-25 16:18:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-06-25 16:16:38 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-06-25 16:12:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-25 16:12:19 | 000,212,480 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-06-25 15:43:51 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-06-25 14:52:19 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008-06-25 14:52:15 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008-06-25 14:33:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-06-25 14:27:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006-01-17 12:29:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2006-01-17 12:29:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2006-01-17 12:29:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2006-01-17 12:29:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2006-01-17 12:29:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002-10-05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001-10-26 18:15:16 | 000,436,560 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,067,496 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,380,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,053,098 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2009-02-09 00:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\BESTplayer
[2011-05-10 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DMCache
[2008-06-28 14:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2009-12-31 02:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2011-05-12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IDM
[2009-10-16 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ipla
[2009-06-24 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\LG Electronics
[2011-05-30 15:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\MAGIX
[2011-08-22 20:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 18:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Spotify
[2011-03-07 21:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TS3Client
[2011-02-06 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2011-08-22 20:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2009-06-19 20:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-05-30 19:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2011-08-22 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2008-06-27 18:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-01-20 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
[2010-11-02 15:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-10-07 20:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011-08-22 20:42:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
< End of report >
-- 22 sie 2011, 22:36 --
OTL logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011-08-09 20:06:05 | 001,599,376 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2010-03-31 22:42:38 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-02-03 04:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- D:\Program Files\winamp\winampa.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-08-09 20:29:52 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2005-11-17 14:18:52 | 001,527,900 | ---- | M] (MAGIX?) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - [2009-12-19 20:22:01 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009-05-25 11:49:10 | 000,086,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009-05-25 11:49:08 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009-05-25 11:49:08 | 000,109,480 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009-05-25 11:49:08 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009-05-25 11:49:08 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009-05-25 11:49:08 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009-05-25 11:49:08 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2008-05-16 01:15:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008-03-17 11:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-10-19 10:29:22 | 000,161,792 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-05-30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-01-25 05:44:06 | 000,290,304 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-12-23 02:56:44 | 000,988,800 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-12-23 02:56:00 | 000,209,664 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-12-23 02:55:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-10-13 07:28:42 | 000,604,928 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-01-17 12:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-03 10:16:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com [2011-08-22 20:44:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\admin\Dane aplikacji\IDM\idmmzcc3
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions
[2011-08-22 20:41:55 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011-02-01 14:36:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-08-22 20:44:28 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\extensions\ffox@bandoo.com
[2011-05-01 21:21:44 | 000,002,387 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\askcom.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2o18nzwa.default\searchplugins\SearchResults.xml
[2011-08-22 20:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006-01-17 20:32:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2006-01-17 20:32:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-08-22 20:42:00 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2006-01-17 20:32:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-09-30 08:32:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-09-30 08:32:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-09-30 08:32:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-09-30 08:32:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-22 20:41:51 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2009-09-30 08:32:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-09-30 08:32:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2011-08-22 22:24:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Dostępne tylko dla zarejestrowanych użytkowników (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\datamngr.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\iebho.dll) - c:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-25 14:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:23:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-22 20:47:29 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Ilivid Player
[2011-08-22 20:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bandoo
[2011-08-22 20:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011-08-22 20:42:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 20:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iLivid
[2011-08-22 20:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011-08-22 20:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 20:41:52 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-08-22 20:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011-08-22 20:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-08-22 20:41:15 | 002,075,104 | ---- | C] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-08-22 20:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programy\HiJackThis
[2011-08-22 18:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-08-22 18:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:56 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-08-22 18:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-08-22 18:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-08-22 18:25:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-08-22 18:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-08-20 16:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2011-08-18 12:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\rys
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\admin\Pulpit\badyda zagroenia dla rodowiska ze strony transportu.pdf
[2011-08-22 22:26:26 | 000,000,031 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011-08-22 22:26:05 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-22 22:25:59 | 000,002,126 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 22:25:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-22 22:24:29 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-08-22 22:07:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-22 20:51:10 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 20:47:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTL.exe
[2011-08-22 20:45:17 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:41:57 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1(2).exe
[2011-08-22 20:41:23 | 002,075,104 | ---- | M] (Bandoo Media Inc. ) -- C:\Documents and Settings\admin\Pulpit\iLividSetupV1.exe
[2011-08-22 20:00:14 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2011-08-22 19:10:26 | 000,000,331 | ---- | M] () -- C:\boot.ini
[2011-08-22 18:29:43 | 000,001,027 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-18 18:49:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-08-17 22:56:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-08-17 20:40:41 | 000,380,040 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:14:10 | 003,895,707 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-05 05:31:58 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-08-05 05:31:58 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-08-05 05:31:58 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-08-05 05:31:58 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-08-04 18:13:48 | 000,173,143 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:01:02 | 001,100,796 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:37 | 000,170,207 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[1 C:\Documents and Settings\admin\Pulpit\*.tmp files -> C:\Documents and Settings\admin\Pulpit\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-22 22:25:58 | 000,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011-08-22 20:45:17 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Try New Messenger for Facebook.url
[2011-08-22 20:42:40 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iLivid Download Manager.lnk
[2011-08-22 20:16:25 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\HiJackThis.lnk
[2011-08-22 18:29:43 | 000,001,027 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Continue FoxTab AVI Converter Installation.lnk
[2011-08-22 18:25:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-08-17 20:40:41 | 000,380,040 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\tercjemat.pdf
[2011-08-16 18:13:57 | 003,895,707 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\PN_88-B-02171.pdf
[2011-08-04 18:13:48 | 000,173,143 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\matlab3.pdf
[2011-07-24 16:00:53 | 001,100,796 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Byron Katie i Michael Katz Kłamstwa o miłości.pdf
[2011-07-24 14:21:33 | 000,170,207 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\metroplan.jpg
[2011-05-30 15:01:38 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-05-30 15:01:15 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011-05-12 12:39:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-02-09 23:24:45 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo.dll
[2011-02-09 23:24:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-06-23 11:00:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-22 22:09:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2010-04-08 16:05:53 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\AVSMediaPlayer.m3u
[2010-04-08 15:56:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-01-20 16:55:44 | 000,000,031 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2010-01-14 19:25:58 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-06-22 12:37:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-04-03 00:35:06 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2008-09-04 17:49:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-07-07 23:31:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-06-27 18:29:58 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-06-27 18:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-06-25 16:18:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-06-25 16:16:38 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-06-25 16:12:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-25 16:12:19 | 000,212,480 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-06-25 15:43:51 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-06-25 14:52:19 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008-06-25 14:52:15 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008-06-25 14:33:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-06-25 14:27:15 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-02-07 10:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006-01-17 12:29:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2006-01-17 12:29:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2006-01-17 12:29:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2006-01-17 12:29:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2006-01-17 12:29:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002-10-06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002-10-05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001-10-26 18:15:16 | 000,436,560 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,067,496 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,380,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,053,098 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2009-02-09 00:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\BESTplayer
[2011-05-10 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DMCache
[2008-06-28 14:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2009-12-31 02:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2011-05-12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IDM
[2009-10-16 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ipla
[2009-06-24 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\LG Electronics
[2011-05-30 15:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\MAGIX
[2011-08-22 20:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\searchqutoolbar
[2011-08-22 18:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Spotify
[2011-03-07 21:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TS3Client
[2011-02-06 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent
[2011-08-22 20:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2011-08-22 20:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2009-06-19 20:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-05-30 19:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2011-08-22 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2008-06-27 18:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-01-20 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
[2010-11-02 15:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-10-07 20:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011-08-22 20:42:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011-08-22 22:26:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
< End of report >
-- 22 sie 2011, 22:39 --
przepraszam, 2 razy to samo
teraz Extras.txt:
OTL Extras logfile created on: 2011-08-22 22:31:49 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1014,36 Mb Total Physical Memory | 605,31 Mb Available Physical Memory | 59,67% Memory free
2,39 Gb Paging File | 2,11 Gb Available in Paging File | 88,26% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,17 Gb Free Space | 16,22% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 5,23 Gb Free Space | 13,40% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 5,60 Gb Free Space | 10,53% Space Free | Partition Type: NTFS
Computer Name: PPP-8163AC0F4B3 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE -- (Software 2000 Limited)
"C:\Documents and Settings\admin\Pulpit\Flash-Player.exe" = C:\Documents and Settings\admin\Pulpit\Flash-Player.exe:*:Enabled:C:\Documents and Settings\admin\Pulpit\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe
"C:\WINDOWS\update.3\svchost.exe" = C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype? 3.8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}" = Terayon DOCSIS Modem
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bandoo" = Bandoo
"Budzik_is1" = Budzik 1.04
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Elecard AVC Streaming PlugIn for WMP 1.1.71114" = Elecard AVC Streaming PlugIn for WMP
"Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.5.71225" = Elecard MPEG-2 Decoder&Streaming Plug-in for WMP
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"Gadu-Gadu" = Gadu-Gadu 7.7
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Orb" = Winamp Remote
"PLAY ONLINE" = PLAY ONLINE
"PocketRAR" = Pocket RAR documentation
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Recuva" = Recuva
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Spotify" = Spotify
"SubEdit-Player_is1" = SubEdit-Player
"TOEFL Sample Questions" = TOEFL Sample Questions
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1004336348-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 2008-08-28 16:24:09 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-28 16:49:44 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2008-08-29 00:02:10 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2009-01-14 08:20:04 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:02:23 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:05:26 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
Error - 2010-03-01 17:15:38 | Computer Name = PPP-8163AC0F4B3 | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 2011-08-22 10:00:31 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2344
Error - 2011-08-22 12:07:17 | Computer Name = PPP-8163AC0F4B3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2344
Error - 2011-08-22 12:46:19 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 12:49:46 | Computer Name = PPP-8163AC0F4B3 | Source = MsiInstaller | ID = 11722
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 ? Błąd
1722. SA_Error1722: StandardAction(0xC00706BA): Wystąpił problem z tym pakietem
Instalatora Windows. Program uruchamiany jako część instalacji nie zakończył pracy
w oczekiwany sposób. Skontaktuj się z zespołem pomocy technicznej lub dostawcą
pakietu. Akcja RegisterTuneUp, położenie: C:\Program Files\AVG\AVG10\PCTuneup\MicroScanner.exe,
polecenie: -REGSERVER
Error - 2011-08-22 14:00:18 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to C0000005 z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 16:24:50 | Computer Name = PPP-8163AC0F4B3 | Source = EventSystem | ID = 4609
Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył
zły kod powrotu. HRESULT to 800706BA z w wierszu 44 z d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą
Error - 2011-08-22 16:24:50 | Computer Name = PPP-8163AC0F4B3 | Source = VSS | ID = 8193
Description = Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas
wywoływania procedury CoCreateInstance. hr = 0x80040206.
Error - 2011-08-22 16:25:59 | Computer Name = PPP-8163AC0F4B3 | Source = Windows Product Activation | ID = 1010
Description = Licencja systemu Windows została przywrócona z powodu błędu systemowego.
Może być potrzebne ponowne przeprowadzenie aktywacji tego produktu Windows.
[ System Events ]
Error - 2011-08-19 14:42:34 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-20 08:21:36 | Computer Name = PPP-8163AC0F4B3 | Source = ipnathlp | ID = 32003
Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji
przez
moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji,
niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu.
Error - 2011-08-21 15:06:43 | Computer Name = PPP-8163AC0F4B3 | Source = Service Control Manager | ID = 7034
Description = Usługa srvbtcclient niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.
Error - 2011-08-22 12:42:47 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:42:49 | Computer Name = | Source = DCOM | ID = 10021
Description = Deskryptor zabezpieczeń uruchamiania i aktywacji aplikacji serwera
COM z identyfikatorem klasy {8BC3F05E-D86B-11D0-A075-00C04FB68820} jest nieprawidłowy.
Zawiera wpisy kontroli dostępu z nieprawidłowymi uprawnieniami. Z tego powodu żądana
akcja nie została wykonana. To uprawnienie zabezpieczeń można poprawić przy użyciu
narzędzia administracyjnego usług składowych.
Error - 2011-08-22 12:44:41 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:44:57 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 12:53:23 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:17 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2011-08-22 13:10:32 | Computer Name = PPP-8163AC0F4B3 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi
EventSystem z argumentami ?? w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
-
djkamil09061991
- Posty: 8250
- Rejestracja: 18 lut 2009, 11:54
- Lokalizacja: Wrocław
- Kontaktowanie:
Wirus z Facebooka.
Wydaje się być ok, jeśli problem juz nie występuje naciśnij w OTL sprzątanie to go usunie
Dla pewności mozesz wykonać pełne skanowanie programem Malwarebytes, usuń co znajdzie:
http://www.hotfix.pl/obsluga-programu-m ... re-a55.htm
Dla pewności mozesz wykonać pełne skanowanie programem Malwarebytes, usuń co znajdzie:
http://www.hotfix.pl/obsluga-programu-m ... re-a55.htm
Mój kanał YouTube - Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
Przyjmuje skiny Cs Go: Dostępne tylko dla zarejestrowanych użytkowników
-
daisy88
- Posty: 4
- Rejestracja: 22 sie 2011, 21:15
Wirus z Facebooka.
zalogowałam się znowu na fb, zmieniłam hasło, wszytsko wydaje sie działać ok. Wielkie dzięki. jedyne co mi wyskoczyło to znow te wiadomości ale nie wiem czy to stare czy już po usuwaniu. Więc jakby coś się dalej działo, dam znać. Jeszcze raz wielkie dzięki!! Jestem pod wrażeniem szybkości odpowiedzi. 
-
XMan
- Posty: 13385
- Rejestracja: 30 lis 2008, 00:40
Wirus z Facebooka.
Logi wklejasz np. na :
Dostępne tylko dla zarejestrowanych użytkowników
lub : Dostępne tylko dla zarejestrowanych użytkowników
a na forum podajesz link.
Użyj opcji EDYTUJ - popraw,
XMan.
Dostępne tylko dla zarejestrowanych użytkowników
lub : Dostępne tylko dla zarejestrowanych użytkowników
a na forum podajesz link.
Użyj opcji EDYTUJ - popraw,
XMan.
-
- Reklama
Kto jest online
Użytkownicy przeglądający to forum: Google [Bot] i 1 gość
