OTL logfile OTL logfile created on: 2012-03-07 13:30:42 - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = D:\Dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,51% Memory free 3,85 Gb Paging File | 3,32 Gb Available in Paging File | 86,42% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,39 Gb Total Space | 4,07 Gb Free Space | 16,05% Space Free | Partition Type: NTFS Drive D: | 207,49 Gb Total Space | 28,18 Gb Free Space | 13,58% Space Free | Partition Type: NTFS Drive E: | 8,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MACIEK | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-03-07 13:29:02 | 000,584,704 | ---- | M] (OldTimer Tools) -- D:\Dokumenty\Downloads\OTL.exe PRC - [2012-03-07 12:42:51 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-03-06 12:49:49 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-02-10 05:10:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2011-06-15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-09 07:57:24 | 000,824,224 | ---- | M] (Zbshareware Lab) -- C:\Program Files\USB Disk Security\USBGuard.exe PRC - [2010-06-18 14:36:12 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Movie Maker\moviemk.exe PRC - [2009-08-24 18:04:08 | 001,033,480 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe PRC - [2009-08-24 18:04:04 | 000,935,176 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe PRC - [2008-04-14 21:51:18 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2006-03-30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-03-06 12:49:48 | 000,429,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.66\ppgooglenaclpluginchrome.dll MOD - [2012-03-06 12:49:46 | 003,772,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.66\pdf.dll MOD - [2012-03-06 12:48:22 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.66\avutil-51.dll MOD - [2012-03-06 12:48:20 | 000,220,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.66\avformat-53.dll MOD - [2012-03-06 12:48:19 | 001,747,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\17.0.963.66\avcodec-53.dll MOD - [2008-04-14 18:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2012-03-07 12:42:51 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-02-10 05:10:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2009-08-24 18:04:08 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine) SRV - [2009-08-24 18:04:04 | 000,935,176 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent) SRV - [2008-04-20 18:46:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2006-03-30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005-01-31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpu) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2010-11-30 17:06:04 | 006,261,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-08-20 10:11:30 | 000,073,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS) DRV - [2009-06-17 13:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI) DRV - [2008-06-02 11:07:50 | 000,272,256 | ---- | M] (Compro Tech., Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMXVid.sys -- (CXEAGLE) DRV - [2008-04-20 21:29:57 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-04-13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2007-03-15 13:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001) DRV - [2004-12-23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp) DRV - [2004-08-14 01:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2001-04-12 13:04:54 | 000,131,776 | ---- | M] (Intel ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STVqx3.SYS -- (STVqx3) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBR IE - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.4.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-07 12:55:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-07 12:42:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-03-07 12:46:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-09-15 13:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Extensions [2010-09-15 13:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-01-19 10:52:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Firefox\Profiles\lvza297l.default\extensions [2010-11-10 20:31:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Firefox\Profiles\lvza297l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2008-04-20 21:31:48 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Firefox\Profiles\lvza297l.default\searchplugins\daemon-search.xml [2012-03-07 12:45:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions () (No name found) -- C:\DOCUMENTS AND SETTINGS\MACIEK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\LVZA297L.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\MACIEK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\LVZA297L.DEFAULT\EXTENSIONS\{DAD0F81A-CF67-4EED-98D6-26F6E47274CA}.XPI [2012-03-07 12:55:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2009-12-18 01:31:54 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-03-07 12:55:05 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-07 12:55:05 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-03-07 12:55:05 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-03-07 12:55:05 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-03-07 12:55:05 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-03-07 12:55:05 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.66\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.66\pdf.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: AdBlock = C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.20_0\ CHR - Extension: Ghostery = C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\2.4.0_0\ O1 HOSTS File: ([2010-11-16 15:35:48 | 000,427,137 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 .archivioadulti.com O1 - Hosts: 127.0.0.1 .internet-explorer.name O1 - Hosts: 127.0.0.1 .katasearch.com O1 - Hosts: 127.0.0.1 .preferiti-windows.com O1 - Hosts: 127.0.0.1 .qoogler.com O1 - Hosts: 127.0.0.1 .tuttoavolonta.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 14716 more lines... O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\TWEAKUI.CPL (Microsoft Corporation) O4 - HKLM..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKU\S-1-5-21-1659004503-1409082233-839522115-1006..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (Nero AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1409082233-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = EF FF FF FF [binary data] O7 - HKU\S-1-5-21-1659004503-1409082233-839522115-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-1409082233-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90C35230-436A-4B34-9E25-6AE6C7AD12D0}: NameServer = 149.156.96.9 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-01-06 15:58:49 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-01-06 15:58:49 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{0e3e4f13-fbae-11df-a499-001e8c634394}\Shell - "" = AutoRun O33 - MountPoints2\{0e3e4f13-fbae-11df-a499-001e8c634394}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{3f0a12ba-bd30-11dd-a39d-001e8c634394}\Shell - "" = Autorun O33 - MountPoints2\{3f0a12ba-bd30-11dd-a39d-001e8c634394}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe O33 - MountPoints2\{4ab5a080-0789-11e0-a4a3-001e8c634394}\Shell\AutoRun\command - "" = F:\setupSNK.exe O33 - MountPoints2\{62ac79be-618e-11df-a45b-001e8c634394}\Shell - "" = AutoRun O33 - MountPoints2\{62ac79be-618e-11df-a45b-001e8c634394}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{7a41f3db-221b-11e0-a4bd-004005012707}\Shell\AutoRun\command - "" = F:\urDrive.exe O33 - MountPoints2\{8f44d10c-6fba-11df-a468-001e8c634394}\Shell - "" = AutoRun O33 - MountPoints2\{8f44d10c-6fba-11df-a468-001e8c634394}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{9544b79f-457a-11e0-a4c5-004005012707}\Shell - "" = AutoRun O33 - MountPoints2\{9544b79f-457a-11e0-a4c5-004005012707}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{b3de619c-f01b-11e0-a4ef-004005012707}\Shell - "" = AutoRun O33 - MountPoints2\{b3de619c-f01b-11e0-a4ef-004005012707}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{c3637c28-c396-11de-a42b-001e8c634394}\Shell\AutoRun\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{c3637c28-c396-11de-a42b-001e8c634394}\Shell\explore\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{c3637c28-c396-11de-a42b-001e8c634394}\Shell\open\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{c4be6b26-429e-11dd-a31f-001e8c634394}\Shell\AutoRun\command - "" = F:\0w.com O33 - MountPoints2\{c4be6b26-429e-11dd-a31f-001e8c634394}\Shell\explore\Command - "" = F:\0w.com O33 - MountPoints2\{c4be6b26-429e-11dd-a31f-001e8c634394}\Shell\open\Command - "" = F:\0w.com O33 - MountPoints2\{c4d1abb8-040f-11df-a43b-001e8c634394}\Shell\AutoRun\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{c4d1abb8-040f-11df-a43b-001e8c634394}\Shell\explore\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{c4d1abb8-040f-11df-a43b-001e8c634394}\Shell\open\command - "" = F:\KLIZAVI/sapun.exe O33 - MountPoints2\{e252a99e-dd20-11e0-a4e6-004005012707}\Shell - "" = AutoRun O33 - MountPoints2\{e252a99e-dd20-11e0-a4e6-004005012707}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{e731e901-e92b-11dd-a3de-001e8c634394}\Shell\AutoRun\command - "" = F:\mamuran\\\budaletinaa.exe O33 - MountPoints2\{e731e901-e92b-11dd-a3de-001e8c634394}\Shell\explore\command - "" = F:\mamuran\\\budaletinaa.exe O33 - MountPoints2\{e731e901-e92b-11dd-a3de-001e8c634394}\Shell\Install\command - "" = F:\mamuran\\\budaletinaa.exe O33 - MountPoints2\{e731e901-e92b-11dd-a3de-001e8c634394}\Shell\open\command - "" = F:\mamuran\\\budaletinaa.exe O33 - MountPoints2\{e731e902-e92b-11dd-a3de-001e8c634394}\Shell\AutoRun\command - "" = G:\USBNB.exe O34 - HKLM BootExecute: (PDBoot.exe) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-07 13:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Sun [2012-03-07 12:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack [2012-03-07 12:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2012-03-07 12:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-03-07 12:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-03-07 12:42:59 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll [2012-03-07 12:42:59 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-03-07 12:42:59 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-03-07 12:42:59 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-03-07 12:42:59 | 000,141,312 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-03-07 12:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-03-07 12:26:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2012-03-07 12:26:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2012-03-07 12:26:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2012-03-07 12:26:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2012-03-07 12:26:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2012-03-07 12:26:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2012-03-07 12:26:24 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2012-03-07 12:26:24 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2012-03-07 12:26:23 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2012-03-07 12:26:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2012-03-07 12:26:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2012-03-07 12:26:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2012-03-07 12:26:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2012-03-07 12:26:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2012-03-07 12:26:20 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2012-03-07 12:26:20 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2012-03-07 12:26:20 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2012-03-07 12:26:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2012-03-07 12:26:18 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2012-03-07 12:26:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2012-03-07 12:26:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2012-03-07 12:26:17 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2012-03-07 12:26:17 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2012-03-07 12:26:17 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2012-03-07 12:26:17 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2012-03-07 12:26:16 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2012-03-07 12:26:16 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2012-03-07 12:26:16 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2012-03-07 12:26:13 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2012-03-07 12:26:13 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2012-03-07 12:26:13 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2012-03-07 12:26:12 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2012-03-07 12:26:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2012-03-07 12:26:12 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2012-03-07 12:26:12 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2012-03-07 12:26:11 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2012-03-07 12:26:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2012-03-07 12:26:10 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2012-03-07 12:26:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2012-03-07 12:26:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2012-03-07 12:26:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2012-03-07 12:26:09 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2012-03-07 12:26:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2012-03-07 12:26:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2012-03-07 12:26:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2012-03-07 12:26:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2012-03-07 12:26:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2012-03-07 12:26:08 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2012-03-07 12:26:07 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2012-03-07 12:26:07 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2012-03-07 12:26:07 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2012-03-07 12:26:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2012-03-07 12:26:04 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2012-03-07 12:26:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2012-03-07 12:26:03 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2012-03-07 12:26:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2012-03-07 12:26:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2012-03-07 12:26:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2012-03-07 12:26:00 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2012-03-07 12:25:59 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2012-03-07 12:25:59 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2012-03-07 12:25:58 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2012-03-07 12:25:58 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2012-03-07 12:25:58 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2012-03-07 12:25:57 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2012-03-07 12:25:52 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2012-03-07 12:25:51 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2012-03-07 12:25:51 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2012-03-07 12:25:50 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2012-03-07 12:25:49 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2012-03-07 12:25:49 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2012-03-07 12:25:48 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2012-03-07 12:25:48 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2012-03-07 12:25:47 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2012-03-07 12:25:47 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2012-03-07 12:25:47 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2012-03-07 12:25:47 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2012-03-07 12:25:46 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2012-03-07 12:25:37 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2012-03-07 12:25:37 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2012-03-07 12:25:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2012-03-07 12:25:35 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2012-03-07 12:25:35 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2012-03-07 12:25:34 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll [2012-03-07 12:25:34 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2012-03-07 12:25:33 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2012-03-07 12:15:52 | 001,000,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2012-03-07 12:15:52 | 000,881,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll [2012-03-07 12:14:44 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012-03-07 11:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2012-02-17 12:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EssentialFTIR [2012-02-17 12:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\EssentialFTIR [2012-02-17 12:23:20 | 000,000,000 | ---D | C] -- D:\Dokumenty\EFTIR [2012-02-17 12:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\EFTIR [2012-02-17 12:22:17 | 000,000,000 | ---D | C] -- D:\Dokumenty\Downloads [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-03-07 13:32:48 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2012-03-07 13:31:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-03-07 13:28:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-03-07 13:27:20 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-03-07 13:27:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-03-07 13:23:03 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-03-07 13:07:48 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-03-07 12:42:51 | 000,224,136 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-03-07 12:42:51 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-03-07 12:42:51 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-03-07 12:42:51 | 000,141,312 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-03-07 12:42:50 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll [2012-03-07 12:42:50 | 000,567,696 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012-03-07 12:42:00 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Search.lnk [2012-03-07 12:19:07 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E7986567-26B3-41E9-8C42-C206A37D2132}.job [2012-03-07 12:16:30 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012-03-07 12:16:30 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2012-03-07 12:16:28 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012-03-07 11:56:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-03-07 10:43:22 | 000,564,796 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-03-07 10:43:22 | 000,481,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-03-07 10:43:22 | 000,108,104 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-03-07 10:43:22 | 000,079,880 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-03-07 10:32:08 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2012-03-01 10:00:00 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2012-02-22 09:55:29 | 001,430,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-02-17 12:23:29 | 000,001,574 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\EssentialFTIR.lnk [2012-02-17 12:11:51 | 000,144,121 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\prtscreen.zip [2012-02-10 10:55:29 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\Excel 2003.lnk [2012-02-10 05:10:00 | 018,620,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2012-02-10 05:10:00 | 017,534,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2012-02-10 05:10:00 | 013,415,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys [2012-02-10 05:10:00 | 005,918,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2012-02-10 05:10:00 | 004,309,760 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll [2012-02-10 05:10:00 | 002,783,770 | ---- | M] () -- C:\WINDOWS\System32\nvdata.data [2012-02-10 05:10:00 | 002,522,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2012-02-10 05:10:00 | 002,437,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2012-02-10 05:10:00 | 002,292,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2012-02-10 05:10:00 | 001,000,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2012-02-10 05:10:00 | 000,881,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll [2012-02-10 05:10:00 | 000,065,536 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2012-02-10 05:10:00 | 000,007,843 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb [2012-02-10 04:17:58 | 000,278,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2012-02-10 04:17:58 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2012-02-10 04:17:57 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2012-02-10 04:17:57 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2012-02-10 04:17:57 | 000,229,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2012-02-10 04:17:56 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2012-02-10 04:17:56 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2012-02-10 04:17:56 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2012-02-10 04:17:55 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2012-02-10 04:17:54 | 000,335,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2012-02-10 04:17:54 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2012-02-10 04:17:54 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2012-02-10 04:17:54 | 000,126,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2012-02-10 04:17:53 | 000,262,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2012-02-10 04:17:53 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2012-02-10 04:17:52 | 000,335,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2012-02-10 04:17:52 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2012-02-10 04:17:52 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2012-02-10 04:17:52 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2012-02-10 04:17:52 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2012-02-10 04:17:51 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2012-02-10 04:17:51 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2012-02-10 04:17:51 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2012-02-10 04:17:51 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2012-02-10 04:17:51 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2012-02-10 04:17:51 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2012-02-10 04:17:51 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2012-02-10 04:17:50 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2012-02-10 04:04:29 | 000,054,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2012-02-10 04:04:21 | 000,143,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2012-02-10 04:04:20 | 015,494,464 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2012-02-10 04:04:19 | 000,108,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2012-02-07 13:12:22 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\PowerPoint 2003.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-07 12:46:12 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Thunderbird.lnk [2012-03-07 12:45:48 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-03-07 11:50:54 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb [2012-02-17 12:23:29 | 000,001,574 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\EssentialFTIR.lnk [2012-02-17 12:11:50 | 000,144,121 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\prtscreen.zip [2011-05-21 06:01:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011-03-01 11:43:12 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Maciek\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG [2010-10-12 11:30:29 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-10-12 11:30:27 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-10-12 11:30:27 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [color=#E56717]========== LOP Check ==========[/color] [2008-06-10 20:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Agnitum [2008-04-19 17:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-01-06 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2008-06-10 15:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft [2010-06-30 12:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2011-02-02 10:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-12-07 14:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zbshareware Lab [2011-04-28 11:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Canon [2008-04-20 21:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\DAEMON Tools [2011-01-31 17:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Dropbox [2008-04-23 10:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\EPSON [2009-10-05 08:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Thinstall [2010-09-15 13:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Thunderbird [2012-03-07 12:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Windows Desktop Search [2010-04-06 10:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Windows Search [2011-01-17 11:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\XnView [2010-12-07 14:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Zbshareware Lab [2012-03-07 13:32:48 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2012-03-07 12:19:07 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E7986567-26B3-41E9-8C42-C206A37D2132}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5C321E34 < End of report > OTL Extras OTL Extras logfile created on: 2012-03-07 13:30:42 - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = D:\Dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,51% Memory free 3,85 Gb Paging File | 3,32 Gb Available in Paging File | 86,42% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,39 Gb Total Space | 4,07 Gb Free Space | 16,05% Space Free | Partition Type: NTFS Drive D: | 207,49 Gb Total Space | 28,18 Gb Free Space | 13,58% Space Free | Partition Type: NTFS Drive E: | 8,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MACIEK | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1659004503-1409082233-839522115-1003\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 4 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.) "C:\Documents and Settings\Maciek\Dane aplikacji\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Maciek\Dane aplikacji\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4 "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{07224AA9-2F2F-46A2-9A56-3B7B603B5E6C}" = Ulead Straight-to-Disc SDK "{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis "{12346CA2-3799-4C06-90BC-A4AF242F439B}" = ComproDTV 3 "{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4 "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional "{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA "{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture "{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw "{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP "{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content "{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters "{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav "{8984E374-6C93-427C-A3B9-AD92472FDCA0}" = Asystent rejestracji usługi Windows Live "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1 "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{CF097717-F174-4144-954A-FBC4BF301045}" = Nero 7 Ultra Edition "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D72601C5-3960-4093-8DC0-6A4C44553A56}" = VideoMate X-Series Driver "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3 "AtcL1" = Attansic L1 Gigabit Ethernet Driver "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "CDex" = CDex extraction audio "CodInstl" = Intel A/V Codecs V2.0 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "CSCLIB" = Canon Camera Support Core Library "DPP" = Canon Utilities Digital Photo Professional 3.9 "EOS Utility" = Canon Utilities EOS Utility "EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON "EPSON Scanner" = EPSON Scan "EssentialFTIR_is1" = EssentialFTIR v2.00 build 45 "ET3" = English Translator 3 "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000 "Marsu-Fix 2.5" = Marsu-Fix 2.5 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox 10.0.2 (x86 pl)" = Mozilla Firefox 10.0.2 (x86 pl) "Mozilla Thunderbird 10.0.2 (x86 pl)" = Mozilla Thunderbird 10.0.2 (x86 pl) "NTREGOPT_is1" = NTREGOPT 1.1j "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Original Data Security Tools" = Canon Utilities Original Data Security Tools "Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0 "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "Registry Medic_is1" = Registry Medic 4.0 "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Secunia PSI" = Secunia PSI "SequoiaView" = SequoiaView "SpywareBlaster_is1" = SpywareBlaster 4.3 "Totalcmd" = Total Commander (Remove or Repair) "Tweak UI 2.10" = Tweak UI "TweakUI" = Tweak UI "USB Disk Security_is1" = USB Disk Security "VLC media player" = VLC media player 1.1.11 "WFTK" = Canon Utilities WFT Utility "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR archiver "winscp3_is1" = WinSCP 4.1.1 beta "xp-AntiSpy" = xp-AntiSpy 3.96-6 "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1659004503-1409082233-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-03-07 07:24:45 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:36:22 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:36:42 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:36:45 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:37:05 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:38:59 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:39:07 | Computer Name = MACIEK | Source = Windows Search Service | ID = 1006 Description = Usługa Windows Search nie może utworzyć indeksu wyszukiwania SystemIndex. Błąd wewnętrzny <0, 0x80070002, Nie można odczytać wartości rejestru: DataDirectory>. Error - 2012-03-07 07:42:18 | Computer Name = MACIEK | Source = Windows Search Service | ID = 3024 Description = Nie można rozpocząć aktualizacji, ponieważ źródła zawartości są niedostępne. Napraw błędy i spróbuj przeprowadzić aktualizację ponownie. Kontekst: aplikacja Windows, wykaz SystemIndex Error - 2012-03-07 08:16:35 | Computer Name = MACIEK | Source = MsiInstaller | ID = 10005 Description = Product: Windows Movie Maker 2.6 -- This product only runs on Windows Vista Error - 2012-03-07 08:18:59 | Computer Name = MACIEK | Source = MsiInstaller | ID = 10005 Description = Product: Windows Movie Maker 2.6 -- This product only runs on Windows Vista [ System Events ] Error - 2012-03-07 07:32:16 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7031 Description = Usługa Microsoft Antimalware Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 15000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-03-07 07:32:20 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Update Service Daemon niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2012-03-07 07:32:27 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7034 Description = Usługa PDEngine niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2012-03-07 07:36:36 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 07:36:42 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 07:36:45 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 07:37:06 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 07:38:59 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 07:39:07 | Computer Name = MACIEK | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd 2147749155 (0x80040D23). Error - 2012-03-07 08:06:25 | Computer Name = MACIEK | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} < End of report >