Windows - system nie zawsze chce się wyłączyć

[CrixDoomsday]

Od jakiegoś czasu mam taki problem. Otóż za każdym razem gdy chcę wyłączyć/uruchomić ponownie komputer gdy daję start -> wyłącz komputer -> np uruchom ponownie to nic się nie dzieje. Dopiero gdy drugi raz robię to samo to komputer dopiero zaskakuje i uruchamia się ponownie. Za pierwszym razem co najwyżej wyłączają się ikonki na pasku start koło zegara. I tak jest za każdym razem. Nie chcę przeinstalowywać windowsa więc się pytam czy się ktoś z czymś takim już spotkał.

[CoolSkull]

Komp ci muli po prostu, masz za dużo nawalone na nim. Format!

[[Ekspert] voodoo1907]

Radze najpierw wyczyścić system(zarówno pliki tmp jak i rejestr) programem CCleaner jak nic nie da to będziemy kombinować

[Sevard]

Wypadałoby też sprawdzić system antywirusami. Przeskanuj kompa programami Malwarebytes' Anti-Malware oraz Dr.Web CureIt! Daj na forum loga, którego wygeneruje ten pierwszy.

[CrixDoomsday]

Komp ci muli po prostu, masz za dużo nawalone na nim. Format!

Bardzo śmieszne...

Radze najpierw wyczyścić system(zarówno pliki tmp jak i rejestr) programem CCleaner jak nic nie da to będziemy kombinować

Komputer jest prawie codziennie skanowany pod względem plików tymczasowych i rejestru więc to raczej nie bardzo to.

-----------------------

Malwarebytes' Anti-Malware 1.44

Wersja bazy definicji: 3700

Windows 5.1.2600 Dodatek Service Pack 3

Internet Explorer 6.0.2900.5512

2010-02-07 09:28:50

mbam-log-2010-02-07 (09-28-50).txt

Typ skanowania: Szybkie skanowanie

Przeskanowane obiekty: 109950

Upłynęło: 2 minute(s), 22 second(s)

Zainfekowane procesy w pamięci: 0

Zainfekowane moduły pamięci: 0

Zainfekowane klucze rejestru: 0

Zainfekowane wartości rejestru: 0

Zainfekowane pliki rejestru: 2

Zainfekowane foldery: 0

Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:

(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:

(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:

(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:

(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowane foldery:

(Nie wykryto groźnych plików)

Zainfekowane pliki:

(Nie wykryto groźnych plików)

[Sevard]

Poproszę jeszcze o log z programów RSIT i OTL (sprawdzę jak będę, czyli pewnie wieczorem).

[CoolSkull]

Rofl CriX. Mówiłem serio. Format wszystko rozwiąże.

[[Ekspert] voodoo1907]

Wow, ale format to żadne rozwiązanie i ostateczna ostateczność

[Gość luq92]

Rofl CriX. Mówiłem serio. Format wszystko rozwiąże.

LOL

Format robi się tylko w ostateczności. Nawet gdy mamy wirusa to nie zawsze to pomaga. Najpierw trzeba spróbować rozwiązać problem w mniej drastyczny sposób.

[CrixDoomsday]

Rsit

--------

Logfile of random's system information tool 1.06 (written by random/random)

Run by CriX at 2010-02-07 17:57:32

Microsoft Windows XP Professional Dodatek Service Pack 3

System drive C: has 11 GB (38%) free of 30 GB

Total RAM: 3199 MB (85% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-10-07 33538048]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"Norton Ghost 9.0"=C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe [2004-07-29 1122304]

"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

"V0350Mon.exe"=C:\WINDOWS\V0350Mon.exe [2007-06-04 32768]

"Ashampoo FireWall"=C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe [2007-04-05 3251800]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-11-27 35328]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]

"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

"bluebirds"=C:\Documents and Settings\CriX\Bluebirds\BlueBirds.exe [2009-04-29 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bluebirds]

C:\Documents and Settings\CriX\Bluebirds\BlueBirds.exe [2009-04-29 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]

C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

Napi-projekt.lnk - C:\Program Files\NAPI-PROJEKT\napisy.exe

Wireless Utility.lnk - C:\Program Files\EDIMAX\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:?Torrent"

"E:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="E:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"

"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"

"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"

"E:\Ghost Recon Advanced Warfighter\GRAW.exe"="E:\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"

"E:\Dragon Age\bin_ship\daorigins.exe"="E:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra"

"E:\Dragon Age\DAOriginsLauncher.exe"="E:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy"

"E:\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator"

"E:\Steam\Steam.exe"="E:\Steam\Steam.exe:*:Enabled:Steam"

"E:\League of Legends\Air\LolClient.exe"="E:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"

"E:\League of Legends\Game\League of Legends.exe"="E:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"

"E:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe"="E:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR: THE GAME"

"E:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe"="E:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe:*:Enabled:Updater"

"E:\Steam\SteamApps\common\left 4 dead\left4dead.exe"="E:\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe"="E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -

.js - open - ""

======List of files/folders created in the last 1 months======

2010-02-07 17:50:53 ----D---- C:\rsit

2010-02-07 17:50:53 ----D---- C:\Program Files\trend micro

2010-02-07 07:50:55 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\Malwarebytes

2010-02-07 07:50:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-02-07 07:50:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

2010-02-07 00:00:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems

2010-02-07 00:00:17 ----D---- C:\Program Files\Common Files\Adobe Systems Shared

2010-02-06 23:59:40 ----SHD---- C:\Config.Msi

2010-02-04 11:30:09 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

2010-02-02 15:33:23 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\SoundSpectrum

2010-01-28 23:48:56 ----N---- C:\WINDOWS\system32\difxapi.dll

2010-01-28 23:47:17 ----D---- C:\WINDOWS\Prefetch

2010-01-28 23:44:31 ----N---- C:\WINDOWS\system32\smtpapi.dll

2010-01-28 23:44:31 ----N---- C:\WINDOWS\system32\rwnh.dll

2010-01-28 23:44:18 ----A---- C:\WINDOWS\000001_.tmp

2010-01-28 23:26:21 ----D---- C:\WINDOWS\system32\appmgmt

2010-01-28 22:49:22 ----A---- C:\WINDOWS\IsUninst.exe

2010-01-24 16:07:39 ----A---- C:\WINDOWS\system32\unicows.dll

2010-01-20 15:48:07 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\Media Player Classic

2010-01-20 09:39:03 ----N---- C:\WINDOWS\system32\spmsg.dll

2010-01-20 09:38:59 ----HDC---- C:\WINDOWS\$NtUninstall_Xbox_360_CC_Driver$

2010-01-20 09:17:33 ----A---- C:\WINDOWS\system32\unrar.dll

2010-01-20 09:17:33 ----A---- C:\WINDOWS\avisplitter.ini

2010-01-20 09:17:32 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2010-01-20 09:17:32 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2010-01-20 09:17:32 ----A---- C:\WINDOWS\system32\xvidcore.dll

2010-01-20 09:17:31 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2010-01-20 09:17:31 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2010-01-20 09:17:29 ----D---- C:\Program Files\K-Lite Codec Pack

2010-01-20 00:11:04 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\runic games

2010-01-14 11:34:40 ----A---- C:\WINDOWS\system32\aswBoot.exe

2010-01-14 11:33:33 ----D---- C:\Program Files\Alwil Software

2010-01-14 09:45:19 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ATI

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\Oemdspif.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ativcoxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atitvo32.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atipdlxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atiok3x2.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atioglxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ATIODE.exe

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ATIODCLI.exe

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atimpc32.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atikvmag.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atiiiexx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ATIDDC.DLL

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\aticalrt.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\aticaldd.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\aticalcl.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atibtmon.exe

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\atiadlxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ati2evxx.exe

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ati2evxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\ati2edxx.dll

2010-01-14 09:42:53 ----A---- C:\WINDOWS\system32\amdpcom32.dll

2010-01-14 09:42:36 ----D---- C:\Program Files\ATI

2010-01-14 09:35:19 ----A---- C:\WINDOWS\WININIT.INI

2010-01-12 16:32:02 ----D---- C:\Program Files\Steinberg

2010-01-12 16:31:36 ----A---- C:\WINDOWS\system32\libguide40.dll

2010-01-12 16:31:36 ----A---- C:\WINDOWS\system32\DSE2_DFT.dll

======List of files/folders modified in the last 1 months======

2010-02-07 17:56:22 ----D---- C:\WINDOWS\Temp

2010-02-07 17:53:22 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-02-07 17:50:53 ----RD---- C:\Program Files

2010-02-07 09:48:21 ----A---- C:\WINDOWS\NeroDigital.ini

2010-02-07 09:29:29 ----D---- C:\WINDOWS\system32\CatRoot2

2010-02-07 07:50:52 ----D---- C:\WINDOWS\system32\drivers

2010-02-07 00:00:17 ----D---- C:\Program Files\Common Files

2010-02-07 00:00:16 ----SHD---- C:\WINDOWS\Installer

2010-02-07 00:00:11 ----D---- C:\Program Files\Common Files\Adobe

2010-02-06 23:59:40 ----D---- C:\Program Files\Adobe

2010-02-06 23:59:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe

2010-02-04 21:36:06 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\Skype

2010-02-04 21:21:12 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\skypePM

2010-02-04 11:30:28 ----D---- C:\WINDOWS\WinSxS

2010-02-04 11:30:22 ----D---- C:\WINDOWS\system32

2010-02-02 17:13:27 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2010-02-02 15:21:49 ----D---- C:\Documents and Settings\CriX\Dane aplikacji\uTorrent

2010-02-01 18:12:22 ----D---- C:\Program Files\Mozilla Firefox

2010-01-28 23:54:02 ----RSH---- C:\boot.ini

2010-01-28 23:54:02 ----A---- C:\WINDOWS\win.ini

2010-01-28 23:54:02 ----A---- C:\WINDOWS\system.ini

2010-01-28 23:52:12 ----D---- C:\WINDOWS

2010-01-28 23:49:48 ----HD---- C:\Program Files\InstallShield Installation Information

2010-01-28 23:49:22 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-01-28 23:49:21 ----D---- C:\Program Files\VIA

2010-01-28 23:49:10 ----D---- C:\WINDOWS\system32\ReinstallBackups

2010-01-28 23:48:20 ----A---- C:\WINDOWS\Ascd_tmp.ini

2010-01-28 23:47:32 ----HD---- C:\WINDOWS\inf

2010-01-28 23:47:23 ----A---- C:\WINDOWS\setuplog.txt

2010-01-28 23:44:46 ----D---- C:\WINDOWS\system32\CatRoot

2010-01-28 23:44:31 ----D---- C:\WINDOWS\system32\oobe

2010-01-28 23:44:31 ----D---- C:\WINDOWS\system32\inetsrv

2010-01-28 23:44:31 ----D---- C:\WINDOWS\Help

2010-01-28 23:44:19 ----D---- C:\WINDOWS\security

2010-01-28 23:43:58 ----D---- C:\WINDOWS\ehome

2010-01-28 23:02:19 ----D---- C:\Program Files\Realtek

2010-01-28 22:11:54 ----A---- C:\WINDOWS\imsins.BAK

2010-01-20 09:39:04 ----SD---- C:\WINDOWS\system32\Microsoft

2010-01-14 13:34:56 ----D---- C:\WINDOWS\system32\config

2010-01-14 09:52:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-01-14 09:46:52 ----D---- C:\Program Files\ATI Technologies

2010-01-14 09:46:23 ----D---- C:\ATI

2010-01-14 09:43:39 ----RSD---- C:\WINDOWS\assembly

2010-01-14 09:42:53 ----DC---- C:\WINDOWS\system32\DRVSTORE

2010-01-08 19:31:43 ----D---- C:\Program Files\Common Files\Adobe AIR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]

R1 AmdPPM;Sterownik procesora AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]

R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]

R1 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2004-07-29 14384]

R1 PQIMount;PQIMount; C:\WINDOWS\system32\drivers\PQIMount.sys [2004-07-29 46779]

R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]

R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-11-15 21361]

R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]

R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]

R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]

R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]

R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]

R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []

R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]

R3 RT61;Edimax RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2008-03-05 491648]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]

R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]

R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]

R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]

R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]

R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

R3 VF0350Afx;VF0350 Audio FX; C:\WINDOWS\system32\Drivers\V0350Afx.sys [2007-06-10 142656]

R3 VF0350Vfx;VF0350 Video FX; C:\WINDOWS\system32\DRIVERS\V0350VFx.sys [2007-03-05 7424]

R3 VF0350Vid;Live! Cam Video IM (VF0350); C:\WINDOWS\system32\DRIVERS\V0350Vid.sys [2007-05-10 170368]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-09-29 876288]

S3 aodncry6;aodncry6; C:\WINDOWS\system32\drivers\aodncry6.sys []

S3 ASFWHide;ASFWHide; C:\WINDOWS\system32\drivers\ASFWHide.sys []

S3 BthEnum;Sterownik Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]

S3 BTHMODEM;Sterownik komunikacyjny modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]

S3 BTHPORT;Sterownik portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273920]

S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]

S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]

S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]

S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]

S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]

S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]

S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]

R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2004-07-29 53248]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]

R2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2004-07-29 1269760]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-07 72704]

S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości; E:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []

S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

--------------------------------------------------------------

OTL:

Extras.txt

-------------------

OTL Extras logfile created on: 2010-02-07 17:59:53 - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = G:\

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,29 Gb Total Space | 11,10 Gb Free Space | 37,90% Space Free | Partition Type: NTFS

Drive D: | 195,31 Gb Total Space | 36,24 Gb Free Space | 18,56% Space Free | Partition Type: NTFS

Drive E: | 97,65 Gb Total Space | 39,08 Gb Free Space | 40,02% Space Free | Partition Type: NTFS

Drive F: | 97,65 Gb Total Space | 1,88 Gb Free Space | 1,92% Space Free | Partition Type: NTFS

Drive G: | 45,84 Gb Total Space | 11,72 Gb Free Space | 25,56% Space Free | Partition Type: NTFS

Drive H: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

I: Drive not present or media not loaded

Computer Name: UNREAL-E0A64FAD

Current User Name: CriX

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Standard

Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.js [@ = ] -- ""

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 1

"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher

"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher

"6977:TCP" = 6977:TCP:*:Enabled:League of Legends Launcher

"6977:UDP" = 6977:UDP:*:Enabled:League of Legends Launcher

"6908:TCP" = 6908:TCP:*:Enabled:League of Legends Launcher

"6908:UDP" = 6908:UDP:*:Enabled:League of Legends Launcher

"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher

"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher

"6882:TCP" = 6882:TCP:*:Enabled:League of Legends Launcher

"6882:UDP" = 6882:UDP:*:Enabled:League of Legends Launcher

"6935:TCP" = 6935:TCP:*:Enabled:League of Legends Launcher

"6935:UDP" = 6935:UDP:*:Enabled:League of Legends Launcher

"6883:TCP" = 6883:TCP:*:Enabled:League of Legends Launcher

"6883:UDP" = 6883:UDP:*:Enabled:League of Legends Launcher

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:?Torrent -- (BitTorrent, Inc.)

"E:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = E:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)

"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)

"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)

"E:\Ghost Recon Advanced Warfighter\GRAW.exe" = E:\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW -- ()

"E:\Dragon Age\bin_ship\daorigins.exe" = E:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare)

"E:\Dragon Age\DAOriginsLauncher.exe" = E:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare)

"E:\Dragon Age\bin_ship\daupdatersvc.service.exe" = E:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare)

"E:\Steam\Steam.exe" = E:\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"E:\League of Legends\Air\LolClient.exe" = E:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()

"E:\League of Legends\Game\League of Legends.exe" = E:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()

"E:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe" = E:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR: THE GAME -- (Ubisoft Entertainment)

"E:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe" = E:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe:*:Enabled:Updater -- (Ubisoft)

"E:\Steam\SteamApps\common\left 4 dead\left4dead.exe" = E:\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

"E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe" = E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{01840D1A-3B62-1E2A-9997-C9B9007F1E5F}" = Catalyst Control Center Core Implementation

"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"{30233C19-872D-4412-9050-7DC263824A96}" = RealSpeak Solo 4.0 SAPI5 Polish Agata

"{32BAA79B-CBB2-3693-A0E3-71EA4A1E9761}" = ccc-core-static

"{33BA828D-CF19-0B52-8483-61FCFD83F75D}" = Catalyst Control Center HydraVision Full

"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{362CCC45-63D1-9688-C74D-F32F1B0CD919}" = CCC Help English

"{3C759736-8347-4031-BB9C-D75ADFE6B101}" = Norton Ghost 9.0

"{4183E4E3-F943-416C-D4E1-0673F1CBA6E1}" = ccc-utility

"{492C171D-9815-4AC5-AC80-E240C8D89D6B}_is1" = Ninja Blade PL

"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands

"{56415658-366E-4E28-A6BD-68EC63E560E0}" = Vegas Pro 9.0

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype? 3.8

"{69FAC221-570C-A7A2-10FF-30F3BDDED603}" = Catalyst Control Center Graphics Light

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{77C4F53F-8618-B4AC-A54D-694CA504BC2E}" = Catalyst Control Center Graphics Full Existing

"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK

"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR: THE GAME

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding

"{90280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A52C4BAB-E8E7-906E-EF34-91EA765505BE}" = ccc-core-preinstall

"{A778A787-08A4-4089-CB68-02A9737DE532}" = Catalyst Control Center InstallProxy

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AC76BA86-7AD7-1045-7B44-A92000000001}" = Adobe Reader 9.2 - Polish

"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek

"{B0F64C44-DC77-497D-9A27-C0F5BAB12493}" = muveeNow 2.0 - Creative

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =

"{EB2E2ED5-DE74-F09D-3B23-0C4BA51D8C60}" = Catalyst Control Center Graphics Previews Common

"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk

"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Edimax Wireless LAN

"{FD3D9B16-44E4-4231-E1E2-85C40A115F87}" = ATI Catalyst Install Manager

"{FDE0EEEA-B1CD-BFED-22BB-AD87B886CC47}" = Catalyst Control Center Graphics Full New

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Pakiet sterowników systemu Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)

"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Pakiet sterowników systemu Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Advanced Video FX Engine" = Advanced Video FX Engine

"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI

"Any Video Converter_is1" = Any Video Converter 2.7.8

"Ashampoo FireWall_is1" = Ashampoo FireWall 1.20

"ATI Display Driver" = ATI Display Driver

"avast5" = avast! Free Antivirus

"Creative Live! Cam Center" = Creative Live! Cam Center

"Creative Live! Cam Doodling" = Creative Live! Cam Doodling

"Creative Live! Cam FX Creator" = Creative Live! Cam FX Creator

"Creative Live! Cam Manager" = Creative Live! Cam Manager

"Creative Live! Cam User's Guide" = Creative Live! Cam User's Guide

"Creative Photo Calendar" = Creative Photo Calendar

"Creative Photo Manager" = Creative Photo Manager

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative VF0350" = Creative Live! Cam Video Chat or Video IM Driver (1.02.01.00)

"Fraps" = Fraps (remove only)

"Gadu-Gadu" = Gadu-Gadu 7.7

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.5.1 (Full)

"League of Legends_is1" = League of Legends

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 ? PLK

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)

"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2

"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition

"PhotoFiltre" = PhotoFiltre

"Registry Fix_is1" = RegistryFix v7.1

"Runic Games Torchlight" = Torchlight

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software

"SightSpeed" = SightSpeed (remove only)

"Steam App 500" = Left 4 Dead

"Steam App 550" = Left 4 Dead 2

"Steam App 564" = Left 4 Dead 2 Add-on Support

"SubtitleWorkshop" = Subtitle Workshop 2.51

"SysInfo" = Creative System Information

"uTorrent" = ?Torrent

"Winamp" = Winamp (remove only)

"WinCleaner OneClick CleanUp_is1" = WinCleaner OneClick Cleanup Version 10

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 10

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = Archiwizator WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Xbox_360_CC_Driver" = Xbox 360 Controller for Windows

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"Youtube Downloader_is1" = Youtube Downloader 2.4.3

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 2010-02-04 05:56:06 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:06 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:08 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:08 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:08 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:16 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:56:16 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 05:58:21 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 06:02:14 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

Error - 2010-02-04 06:10:25 | Computer Name = UNREAL-E0A64FAD | Source = avast! | ID = 33554522

Description =

[ Application Events ]

Error - 2010-01-04 08:57:56 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2010-01-04 15:03:43 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-04 15:03:43 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-04 15:03:43 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2010-01-05 03:55:03 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-05 03:55:03 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-05 03:55:03 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2010-01-05 13:44:52 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-05 13:44:52 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności

to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis

DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error - 2010-01-05 13:44:52 | Computer Name = UNREAL-E0A64FAD | Source = LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

[ System Events ]

Error - 2010-02-01 10:46:37 | Computer Name = UNREAL-E0A64FAD | Source = Service Control Manager | ID = 7031

Description = Usługa Zdalne wywoływanie procedur (RPC) niespodziewanie zakończyła

pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca

czynność korekcyjna: Uruchom ponownie komputer.

Error - 2010-02-02 07:08:08 | Computer Name = UNREAL-E0A64FAD | Source = Dhcp | ID = 1002

Description = Adres IP połączenia 192.168.1.101 dla karty sieciowej o adresie 001F1F5C06E6

został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2010-02-02 07:19:58 | Computer Name = UNREAL-E0A64FAD | Source = Dhcp | ID = 1002

Description = Adres IP połączenia 192.168.1.101 dla karty sieciowej o adresie 001F1F5C06E6

został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2010-02-02 09:22:18 | Computer Name = UNREAL-E0A64FAD | Source = Dhcp | ID = 1002

Description = Adres IP połączenia 192.168.1.100 dla karty sieciowej o adresie 001F1F5C06E6

został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2010-02-05 07:49:07 | Computer Name = UNREAL-E0A64FAD | Source = Dhcp | ID = 1002

Description = Adres IP połączenia 192.168.1.100 dla karty sieciowej o adresie 001F1F5C06E6

został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2010-02-06 09:51:28 | Computer Name = UNREAL-E0A64FAD | Source = Dhcp | ID = 1002

Description = Adres IP połączenia 192.168.1.100 dla karty sieciowej o adresie 001F1F5C06E6

został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

< End of report >

----------------------

otl.txt

-----------------------

OTL logfile created on: 2010-02-07 17:59:53 - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = G:\

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,29 Gb Total Space | 11,10 Gb Free Space | 37,90% Space Free | Partition Type: NTFS

Drive D: | 195,31 Gb Total Space | 36,24 Gb Free Space | 18,56% Space Free | Partition Type: NTFS

Drive E: | 97,65 Gb Total Space | 39,08 Gb Free Space | 40,02% Space Free | Partition Type: NTFS

Drive F: | 97,65 Gb Total Space | 1,88 Gb Free Space | 1,92% Space Free | Partition Type: NTFS

Drive G: | 45,84 Gb Total Space | 11,72 Gb Free Space | 25,56% Space Free | Partition Type: NTFS

Drive H: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

I: Drive not present or media not loaded

Computer Name: UNREAL-E0A64FAD

Current User Name: CriX

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-02-07 17:59:09 | 000,549,376 | ---- | M] (OldTimer Tools) -- G:\OTL.exe

PRC - [2010-01-28 23:09:31 | 002,757,512 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010-01-28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010-01-16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-11-25 04:09:04 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

PRC - [2009-10-30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009-04-29 10:02:01 | 000,270,336 | R--- | M] (LG Electronics) -- C:\Documents and Settings\CriX\Bluebirds\BlueBirds.exe

PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

PRC - [2009-04-02 18:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

PRC - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe

PRC - [2008-10-07 11:59:00 | 033,538,048 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008-03-21 10:41:46 | 002,109,952 | ---- | M] () -- C:\Program Files\NAPI-PROJEKT\napisy.exe

PRC - [2007-12-14 14:28:02 | 000,716,800 | ---- | M] (Edimax Technology Co., Ltd) -- C:\Program Files\EDIMAX\Common\RaUI.exe

PRC - [2007-06-04 18:02:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0350Mon.exe

PRC - [2007-04-05 14:57:52 | 003,251,800 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe

PRC - [2006-11-27 22:29:55 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

PRC - [2004-07-29 04:41:08 | 001,122,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

PRC - [2004-07-29 04:02:34 | 001,269,760 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

PRC - [2004-07-29 02:53:58 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe

========== Modules (SafeList) ==========

MOD - [2010-02-07 17:59:09 | 000,549,376 | ---- | M] (OldTimer Tools) -- G:\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2010-02-07 00:00:17 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)

SRV - [2010-01-28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010-01-28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010-01-28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2009-11-25 04:09:04 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)

SRV - [2009-07-26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)

SRV - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2004-07-29 04:02:34 | 001,269,760 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe -- (Norton Ghost)

SRV - [2004-07-29 02:53:58 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "wp.pl"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-01 18:12:21 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-01 18:12:21 | 000,000,000 | ---D | M]

[2009-11-09 16:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Mozilla\Extensions

[2010-02-06 15:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Mozilla\Firefox\Profiles\4w8jvpe3.default\extensions

[2010-01-08 18:34:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\CriX\Dane aplikacji\Mozilla\Firefox\Profiles\4w8jvpe3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010-02-01 18:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Mozilla\Firefox\Profiles\4w8jvpe3.default\extensions\personas@christopher.beard

[2010-02-06 15:02:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)

O4 - HKLM..\Run: [Ashampoo FireWall] C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe ()

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe (Symantec Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [V0350Mon.exe] C:\WINDOWS\V0350Mon.exe (Creative Technology Ltd.)

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()

O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKCU..\Run: [bluebirds] C:\Documents and Settings\CriX\Bluebirds\BlueBirds.exe (LG Electronics)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Napi-projekt.lnk = C:\Program Files\NAPI-PROJEKT\napisy.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe (Edimax Technology Co., Ltd)

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-11-25 20:53:53 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-04-29 10:02:01 | 000,000,055 | R--- | M] () - H:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-09 01:26:27 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (55172488459452416)

========== Files/Folders - Created Within 14 Days ==========

[2010-02-07 17:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro

[2010-02-07 17:50:53 | 000,000,000 | ---D | C] -- C:\rsit

[2010-02-07 07:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CriX\Dane aplikacji\Malwarebytes

[2010-02-07 07:50:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-02-07 07:50:51 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-02-07 07:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-02-07 07:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-02-07 00:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems

[2010-02-07 00:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared

[2010-02-06 23:59:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010-02-04 11:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2010-02-02 16:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CriX\WhiteCap

[2010-02-02 16:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CriX\G-Force

[2010-02-02 15:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CriX\Dane aplikacji\SoundSpectrum

[2010-02-01 12:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CriX\Moje dokumenty\Zdjęcia

[2010-01-28 23:47:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010-01-28 23:26:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2010-01-08 23:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe

[2010-01-04 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-11-09 17:21:50 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys

[2009-11-09 17:21:50 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[2009-11-09 00:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-11-09 00:50:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2009-11-09 00:50:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010-02-07 17:54:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-02-07 17:54:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-02-07 17:53:20 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\CriX\NTUSER.DAT

[2010-02-07 17:53:20 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\CriX\ntuser.ini

[2010-02-07 09:50:05 | 000,099,840 | ---- | M] () -- C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-02-07 09:48:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-02-07 07:50:54 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-02-07 07:36:20 | 000,024,960 | ---- | M] () -- C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-02-07 07:35:36 | 000,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-02-06 19:58:10 | 000,002,027 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-02-04 21:37:16 | 002,109,532 | -H-- | M] () -- C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-02-04 20:48:55 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash

[2010-02-04 11:30:31 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010-02-02 17:10:24 | 000,023,584 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\winamp 2010-02-01 10-28-37-09.avi.sfk

[2010-02-01 18:12:23 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2010-02-01 14:13:55 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\Spis gier.doc

[2010-02-01 10:47:02 | 055,544,872 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\Intro.avi

[2010-02-01 10:32:16 | 007,185,278 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\winamp 2010-02-01 10-28-37-09.avi

[2010-01-31 19:46:52 | 055,544,872 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\Unreal Reality Productions.avi

[2010-01-31 18:10:23 | 000,171,467 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\CBD1009_by_thinking_fish.jpg

[2010-01-31 18:07:53 | 000,133,782 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\Signs_of_Age_by_kparks.jpg

[2010-01-31 18:07:49 | 000,059,220 | ---- | M] () -- C:\Documents and Settings\CriX\Pulpit\Old_World_by_kparks.jpg

[2010-01-30 14:43:48 | 002,090,256 | ---- | M] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300132.JPG

[2010-01-30 14:43:04 | 002,074,880 | ---- | M] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300129.JPG

[2010-01-30 14:42:42 | 002,132,656 | ---- | M] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300127.JPG

[2010-01-28 23:54:02 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-01-28 23:54:02 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-01-28 23:54:02 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2010-01-28 23:48:20 | 000,007,234 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini

[2010-01-28 23:47:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-01-28 23:09:46 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-01-28 23:09:26 | 000,152,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-01-28 22:57:55 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-01-28 22:57:34 | 000,163,280 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-01-28 22:54:42 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-01-28 22:54:16 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-01-28 22:54:12 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-01-28 22:54:05 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-01-28 22:53:50 | 000,028,240 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-01-28 22:11:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-02-07 07:50:54 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-02-02 17:10:24 | 000,023,584 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\winamp 2010-02-01 10-28-37-09.avi.sfk

[2010-02-01 10:44:02 | 055,544,872 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\Intro.avi

[2010-02-01 10:32:13 | 007,185,278 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\winamp 2010-02-01 10-28-37-09.avi

[2010-01-31 20:50:03 | 000,084,640 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2010-01-31 19:44:33 | 055,544,872 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\Unreal Reality Productions.avi

[2010-01-31 18:10:23 | 000,171,467 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\CBD1009_by_thinking_fish.jpg

[2010-01-31 18:07:53 | 000,133,782 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\Signs_of_Age_by_kparks.jpg

[2010-01-31 18:07:48 | 000,059,220 | ---- | C] () -- C:\Documents and Settings\CriX\Pulpit\Old_World_by_kparks.jpg

[2010-01-30 14:46:11 | 002,132,656 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300127.JPG

[2010-01-30 14:46:11 | 002,099,272 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PB270111.JPG

[2010-01-30 14:46:11 | 002,098,148 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PC100113.JPG

[2010-01-30 14:46:11 | 002,093,522 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PC100114.JPG

[2010-01-30 14:46:11 | 002,092,970 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PB270106.JPG

[2010-01-30 14:46:11 | 002,090,256 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300132.JPG

[2010-01-30 14:46:11 | 002,084,028 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PB270112.JPG

[2010-01-30 14:46:11 | 002,074,880 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\P1300129.JPG

[2010-01-30 14:46:11 | 002,065,207 | ---- | C] () -- C:\Documents and Settings\CriX\Moje dokumenty\PB270110.JPG

[2010-01-26 22:43:04 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Napi-projekt.lnk

[2010-01-20 09:17:33 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010-01-20 09:17:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010-01-20 09:17:32 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-01-20 09:17:32 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010-01-20 09:17:31 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010-01-20 09:17:31 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010-01-14 09:35:19 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010-01-12 16:31:36 | 004,874,240 | ---- | C] () -- C:\WINDOWS\System32\DSE2_DFT.dll

[2009-11-17 22:24:59 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-11-14 12:14:53 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2009-11-14 12:14:53 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2009-11-14 12:14:48 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\CriX\Dane aplikacji\$_hpcst$.hpc

[2009-11-09 17:54:19 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-11-09 17:36:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009-11-09 17:01:05 | 000,099,840 | ---- | C] () -- C:\Documents and Settings\CriX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-11-09 16:17:02 | 000,007,234 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2009-11-09 16:17:00 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2004-08-03 22:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

========== LOP Check ==========

[2010-02-04 11:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2009-11-17 23:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare

[2009-11-17 22:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2009-11-25 20:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies

[2009-11-14 12:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2009-12-12 00:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield

[2009-12-02 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony

[2010-02-02 17:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-11-09 17:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip

[2009-11-09 17:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{92E7A367-8E12-4830-AA70-29C32E331A81}

[2009-12-18 16:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Any Video Converter

[2009-11-09 18:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Business Logic

[2009-11-17 22:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\DAEMON Tools Lite

[2009-11-15 17:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Gadu-Gadu

[2009-11-09 17:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\IsolatedStorage

[2009-11-23 16:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1

[2009-11-14 12:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\PC Suite

[2009-11-09 23:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\ProtectDisc

[2009-12-02 21:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Publish Providers

[2010-01-20 00:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\runic games

[2009-11-14 21:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Samsung

[2009-12-02 21:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\Sony

[2010-02-02 15:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\SoundSpectrum

[2010-02-02 15:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CriX\Dane aplikacji\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >

[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >

[2004-08-04 00:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=8BE1BEBB1447EFFAF5F2135DC098431E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[2008-04-14 22:50:42 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=9858AD0A3FCD83C3B100EDD5852DE540 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008-04-14 22:50:42 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=9858AD0A3FCD83C3B100EDD5852DE540 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >

[2004-08-04 00:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=3609496AE18FF399920C494270C526F9 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2008-04-14 22:50:46 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=3F74B6B4E2721272A117D25990141F73 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008-04-14 22:50:46 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=3F74B6B4E2721272A117D25990141F73 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2009-11-25 04:27:54 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll

[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

[2009-11-17 22:24:59 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

[2009-11-09 01:30:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2009-11-09 01:30:29 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2009-11-09 01:30:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF

< End of report >