
OTL-logi.rar

System Tool 2011 – analysis of ComboFix and HJT logs after a fake antivirus infection

OK, I'll also add that when I'm quick and kill this program's processes in Task Manager right as the computer starts, everything stays calm, but when I don't make it in time, I lose access to Task Manager and 70% of programs don't work (their processes are blocked). I'll post the OTL log in a moment...

Added after 6:

Here you go. Are the HJT logs still needed?


  • OTL-logi.rar
    • OTL.Txt
    • Extras.Txt


OTL-logi.rar > OTL.Txt

OTL logfile created on: 2011-01-11 20:16:39 - Run 5
OTL by OldTimer - Version 3.2.20.1 Folder = E:\Ściągawki
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 172,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,02 Gb Free Space | 35,94% Space Free | Partition Type: FAT32
Drive D: | 68,36 Gb Total Space | 12,57 Gb Free Space | 18,38% Space Free | Partition Type: NTFS
Drive E: | 61,15 Gb Total Space | 3,25 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

Computer Name: MAZU-0590F9D734 | User Name: Mazuro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-01-11 20:14:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Ściągawki\OTL.exe
PRC - [2010-12-09 23:54:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-10-20 20:56:36 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010-09-01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2007-01-09 12:57:02 | 000,212,992 | ---- | M] () -- C:\WINDOWS\VMSnap23.exe
PRC - [2007-01-09 12:56:16 | 000,049,152 | ---- | M] (Vimicro) -- C:\WINDOWS\Domino.exe
PRC - [2004-10-26 16:54:26 | 000,421,888 | ---- | M] () -- C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-01-11 20:14:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Ściągawki\OTL.exe
MOD - [2004-08-04 00:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-05-17 18:21:00 | 003,592,432 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mazuro\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2010-12-17 00:08:36 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-06-29 10:00:42 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010-05-17 14:31:08 | 000,040,128 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vujlvhht.sys -- (vujlvhht)
DRV - [2010-04-24 15:49:12 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-04-03 16:22:12 | 000,260,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) Vimicro USB2.0 PC Camera(VC0323)
DRV - [2006-08-08 11:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2005-04-20 20:00:56 | 002,317,696 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-04-01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-09-29 11:00:42 | 000,247,296 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(PLANET Technology Corp.)) PLANET WL-U356A Driver(PLANET Technology Corp.)
DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-06-30 13:54:04 | 000,019,200 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDBRGSYS.sys -- (ZDBRGSYS)
DRV - [2004-01-14 11:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1801674531-73586283-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1801674531-73586283-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=pl"
FF - prefs.js..extensions.enabledItems: firefox@red-cog.com:2.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-22 17:37:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-22 17:37:14 | 000,000,000 | ---D | M]

[2008-09-25 17:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Extensions
[2010-08-02 21:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Extensions\mozswing@mozswing.org
[2008-09-25 17:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions
[2010-08-11 14:57:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009-08-13 11:00:28 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009-08-13 11:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010-12-24 13:08:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-09-29 00:08:36 | 000,000,000 | ---D | M] (Embedded Objects) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\firefox@red-cog.com
[2010-09-12 12:36:16 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\personas@christopher.beard
[2010-08-01 21:57:46 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\extensions\YoutubeDownloader@PeterOlayev.com
[2009-05-27 12:57:38 | 000,001,972 | ---- | M] () -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\searchplugins\wrzuta.xml
[2011-01-10 14:53:24 | 000,002,039 | ---- | M] () -- C:\Documents and Settings\Mazuro\Dane aplikacji\Mozilla\Firefox\Profiles\ou8hlvn5.default\searchplugins\torrentyorg.xml
[2009-09-22 17:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-02 23:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-01 14:55:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-04-12 17:29:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-21 23:37:22 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2010-04-05 00:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-05 00:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-05 00:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-05 00:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-05 00:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-05 00:41:38 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-12-28 14:43:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [BigDogPath323Domino] C:\WINDOWS\Domino.exe (Vimicro)
O4 - HKLM..\Run: [BigDogPath323VMSnap] C:\WINDOWS\VMSnap23.exe ()
O4 - HKLM..\Run: [CleanIt] C:\Program Files\CleanIt\CleanIt.exe (Silmaril Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe File not found
O4 - HKU\S-1-5-21-1801674531-73586283-839522115-1003..\Run: [ares] e:\Program Files\Ares\Ares.exe File not found
O4 - HKU\S-1-5-21-1801674531-73586283-839522115-1003..\Run: [BitComet] E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKU\S-1-5-21-1801674531-73586283-839522115-1003..\Run: [Gadu-Gadu 10] E:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1801674531-73586283-839522115-1003..\RunOnce: [lPpFi07000] C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\lPpFi07000\lPpFi07000.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\PLANET WL-U356A Utility.lnk = C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-73586283-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-08-05 15:26:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-01-11 19:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mazuro\Menu Start\Programy\System Tool
[2011-01-11 19:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\lPpFi07000
[2011-01-02 04:09:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mazuro\Recent
[2010-12-25 22:08:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Neverwinter Nights
[2010-12-17 00:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Hamachi
[2010-12-17 00:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Hamachi

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-01-11 20:11:22 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-01-11 20:11:20 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-01-11 20:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-01-11 20:02:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-01-11 19:40:34 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-11 19:35:40 | 000,001,010 | ---- | M] () -- C:\Documents and Settings\Mazuro\Pulpit\System Tool 2011.lnk
[2011-01-10 14:35:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-01-09 15:30:04 | 000,030,574 | ---- | M] () -- C:\Documents and Settings\Mazuro\.recently-used.xbel
[2011-01-05 23:14:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-01-04 19:08:10 | 000,205,189 | ---- | M] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_09.343750.dmp
[2011-01-04 19:08:10 | 000,203,033 | ---- | M] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_07.546875.dmp
[2011-01-03 15:33:58 | 000,000,117 | ---- | M] () -- C:\Documents and Settings\Mazuro\jagex_runescape_preferences2.dat
[2011-01-03 15:33:58 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\Mazuro\jagex_runescape_preferences.dat
[2010-12-17 00:08:36 | 000,025,544 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010-12-17 00:08:36 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Hamachi.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-01-11 19:35:37 | 000,001,010 | ---- | C] () -- C:\Documents and Settings\Mazuro\Pulpit\System Tool 2011.lnk
[2011-01-09 15:30:02 | 000,030,574 | ---- | C] () -- C:\Documents and Settings\Mazuro\.recently-used.xbel
[2011-01-04 19:08:09 | 000,205,189 | ---- | C] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_09.343750.dmp
[2011-01-04 19:08:07 | 000,203,033 | ---- | C] () -- C:\Documents and Settings\Mazuro\Moje dokumenty\ts3_clientui-win32-12815-2011-01-04 19_08_07.546875.dmp
[2010-12-17 00:08:35 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Hamachi.lnk
[2010-06-24 22:07:53 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-05-24 20:38:25 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisvvan.sys
[2010-05-17 14:31:05 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\vujlvhht.sys
[2010-05-05 19:59:29 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-05-05 19:59:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-05-05 19:59:27 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-05 19:59:27 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-05 19:59:24 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-05-01 01:00:16 | 000,000,203 | ---- | C] () -- C:\WINDOWS\GSdx9 sse2.INI
[2010-05-01 00:51:57 | 000,000,208 | ---- | C] () -- C:\WINDOWS\GSdx9.INI
[2010-03-07 06:42:04 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\kailleraclient.dll
[2009-11-30 19:14:53 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2009-11-24 15:20:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-14 22:19:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009-11-12 13:32:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\zSpy.INI
[2009-09-18 20:09:38 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-09-14 18:13:44 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2009-08-09 06:37:45 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-06-29 18:47:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009-05-24 14:03:15 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008-12-26 16:56:44 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008-12-26 16:56:44 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008-12-26 16:51:07 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008-12-07 14:58:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008-11-09 21:46:38 | 000,137,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-10-22 16:23:40 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-10-05 22:21:22 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2008-09-26 12:05:13 | 000,000,526 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-09-26 12:00:11 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\Mazuro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-25 17:15:21 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2008-09-25 16:22:28 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007-03-26 10:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007-02-20 14:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007-02-20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-02-20 14:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2005-08-30 00:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005-08-30 00:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005-08-30 00:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2005-04-01 16:16:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004-07-17 11:36:38 | 000,029,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2008-01-18 14:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2008-02-13 14:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2008-02-13 14:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2008-02-13 14:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2008-02-13 14:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-08-20 01:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-10-06 22:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\MailFrontier
[2008-11-27 12:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Oberon Games
[2008-12-26 16:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ScanSoft
[2009-01-18 15:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
[2009-02-26 14:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\DAEMON Tools Lite
[2009-07-27 22:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-09-14 02:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2009-12-15 17:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\NexonEU
[2010-02-13 18:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\boost_interprocess
[2010-02-16 20:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10
[2010-06-24 19:22:24 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\SMSJPWBJSLAV
[2011-01-11 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\lPpFi07000
[2008-09-26 19:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Gadu-Gadu
[2008-10-22 16:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\DAEMON Tools
[2009-01-10 14:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Iomatic
[2009-02-26 14:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\DAEMON Tools Lite
[2009-02-26 14:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\DAEMON Tools Pro
[2009-03-17 21:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\fltk.org
[2009-04-12 22:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\OTSPW
[2009-04-16 22:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Soldat
[2009-04-19 16:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Remere's Map Editor
[2009-05-12 20:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\GanymedeNet
[2009-07-17 22:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\BlackBean
[2009-08-22 16:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\GetRightToGo
[2009-08-25 19:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\gtk-2.0
[2009-08-28 18:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\COWON
[2009-09-14 02:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-14 02:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\OpenFM
[2009-11-09 21:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\ScanSoft
[2009-12-15 19:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\WoDBO
[2010-02-16 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Gadu-Gadu 10
[2010-05-28 22:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\foobar2000
[2010-10-01 18:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\Tibia
[2010-11-30 20:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mazuro\Dane aplikacji\LimeWire

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


OTL-logi.rar > Extras.Txt

OTL Extras logfile created on: 2011-01-11 20:16:40 - Run 5
OTL by OldTimer - Version 3.2.20.1 Folder = E:\Ściągawki
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 172,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1200 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,02 Gb Free Space | 35,94% Space Free | Partition Type: FAT32
Drive D: | 68,36 Gb Total Space | 12,57 Gb Free Space | 18,38% Space Free | Partition Type: NTFS
Drive E: | 61,15 Gb Total Space | 3,25 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

Computer Name: MAZU-0590F9D734 | User Name: Mazuro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1801674531-73586283-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\domainprofile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\standardprofile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"13784:TCP" = 13784:TCP:*:Enabled:BitComet 13784 TCP
"13784:UDP" = 13784:UDP:*:Enabled:BitComet 13784 UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
" E:\GRY\Exteel\System\Exteel.exe " = E:\GRY\Exteel\System\Exteel.exe:*:Enabled:Exteel -- File not found
" E:\GRY\Multiplayer\Combat Arms EU\CombatArms.exe " = E:\GRY\Multiplayer\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
" E:\GRY\Multiplayer\Combat Arms EU\Engine.exe " = E:\GRY\Multiplayer\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
" E:\Program Files\BearShare\BearShare\BearShare.exe " = E:\Program Files\BearShare\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
" E:\Program Files\BitComet\BitComet.exe " = E:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
" C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\NexonEU\NGM\NGM.exe " = C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
" C:\WINDOWS\System32\USMT\migwiz.exe " = C:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień -- (Microsoft Corporation)
" E:\GRY\Multiplayer\Vietcong\vietcong.exe " = E:\GRY\Multiplayer\Vietcong\vietcong.exe:*:Enabled:vietcong -- ()
" E:\Program Files\Teamspeak2_RC2\server_windows.exe " = E:\Program Files\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server -- ()
" C:\Documents and Settings\Mazuro\Pulpit\CS2D\Counter-Strike 2D\CounterStrike2D.exe " = C:\Documents and Settings\Mazuro\Pulpit\CS2D\Counter-Strike 2D\CounterStrike2D.exe:*:Enabled:CounterStrike2D -- File not found
" E:\GRY\Multiplayer\Metin2 US\metin2.bin " = E:\GRY\Multiplayer\Metin2 US\metin2.bin:*:Enabled:metin2 -- File not found
" E:\Program Files\Gadu-Gadu 10\gg.exe " = E:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
" E:\GRY\Multiplayer\Metin2\metin2client.bin " = E:\GRY\Multiplayer\Metin2\metin2client.bin:*:Enabled:metin2client -- File not found
" E:\GRY\Multiplayer\Metin2\metin2mod.bin " = E:\GRY\Multiplayer\Metin2\metin2mod.bin:*:Enabled:metin2mod -- File not found
" E:\Program Files\BearShare\BearShare\BearShare.exe " = E:\Program Files\BearShare\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
" C:\Documents and Settings\Mazuro\Pulpit\CS2D\CS2D b 0.1.1.8\CounterStrike2D.exe " = C:\Documents and Settings\Mazuro\Pulpit\CS2D\CS2D b 0.1.1.8\CounterStrike2D.exe:*:Enabled:CounterStrike2D -- ()
" C:\Program Files\BearShare\BearShare.exe " = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
" E:\GRY\Gothic\System\zSpy.exe " = E:\GRY\Gothic\System\zSpy.exe:*:Enabled:ZSPY -- File not found
" E:\Program Files\Ares\Ares.exe " = E:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- File not found
" E:\Program Files\LimeWire\LimeWire.exe " = E:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
" E:\Ściągawki\PCS GamePack 1.1\PCS GamePack 1.1\Guardian 0.46b\Guardian.exe " = E:\Ściągawki\PCS GamePack 1.1\PCS GamePack 1.1\Guardian 0.46b\Guardian.exe:*:Enabled:Guardian -- File not found
" E:\GRY\NeverwinterNights\NWN\nwmain.exe " = E:\GRY\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights -- (BioWare)
" C:\Documents and Settings\Mazuro\Pulpit\CS2D\Guardian 0.46b\Guardian.exe " = C:\Documents and Settings\Mazuro\Pulpit\CS2D\Guardian 0.46b\Guardian.exe:*:Enabled:Guardian -- ()
" E:\GRY\Multiplayer\Netsoccer\server.exe " = E:\GRY\Multiplayer\Netsoccer\server.exe:*:Enabled:server -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" " Ascension to the Throne. Valkyrie " _is1 " = " Ascension to the Throne. Valkyrie "
" {036FD544-AED6-3F33-856D-A2292D0CF471} " = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
" {0D499481-22C6-4B25-8AC2-6D3F6C885FB9} " = OpenOffice.org Installer 1.0
" {111E336D-30BF-4CD4-8D69-4541732AFB27} " = Rayman Raving Rabbids
" {14C87AA7-08E6-419F-A165-998EBE5023D7} " = Oblivion - Knights of the Nine
" {16D919E6-F019-4E15-BFBE-4A85EF19DA57} " = Oblivion - Spell Tomes
" {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} " = YouTube Downloader 2.5.7
" {1AB16B10-3B55-499E-9918-5527DD082C6D} " = ILLUSION 人工少女2
" {26A24AE4-039D-4CA4-87B4-2F83216019FF} " = Java(TM) 6 Update 20
" {2965C062-FBC0-4505-9EB8-4497252BB41F} " = Gothic II
" {2BA00471-0328-3743-93BD-FA813353A783} " = Microsoft .NET Framework 3.0 Service Pack 1
" {2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B} " = Next Generation Visualisations
" {2F2E3D62-8B8C-448F-8900-451325E50948} " = Oblivion - Wizard's Tower
" {2FC099BD-AC9B-33EB-809C-D332E1B27C40} " = Microsoft .NET Framework 3.5
" {332CC6BF-E6C7-48EE-BA3D-435E576AD67F} " = PaperPort Image Printer
" {350C9415-3D7C-4EE8-BAA9-00BCB3D54227} " = WebFldrs XP
" {35CB6715-41F8-4F99-8881-6FC75BF054B0} " = Oblivion
" {36820BCA-FC55-452E-9085-6E6F1F55508D} " = Vimicro USB2.0 PC Camera (VC0323)
" {3921A67A-5AB1-4E48-9444-C71814CF3027} " = VCRedistSetup
" {3ABEBD00-299D-4DCA-967F-B912163AB5EA} " = Oblivion - Horse Armor Pack
" {4286E640-B5FB-11DF-AC4B-005056C00008} " = Google Earth
" {4A03706F-666A-4037-7777-5F2748764D10} " = Java Auto Updater
" {520F4B09-3A51-47A2-82B0-9FF1DC2D20FA} " = Oblivion - Vile Lair
" {56C049BE-79E9-4502-BEA7-9754A3E60F9B} " = neroxml
" {581CE7EA-A30D-F000-1211-088635773309} " = PLANET WL-U356A
" {5A9FE525-8B8F-4701-A937-7F6745A4E9C7} " = RGSS-RTP Standard
" {5C82DAE5-6EB0-4374-9254-BE3319BA4E82} " = Skype™ 3.8
" {5EE7D259-D137-4438-9A5F-42F432EC0421} " = VC80CRTRedist - 8.0.50727.4053
" {65A9FFB6-E734-424C-BDFE-DF20B36808D3}_is1 " = " Ascension to the Throne " (Remove Only)
" {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} " = PowerDVD
" {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} " = Windows Media Player Firefox Plugin
" {758A4269-70E5-4B11-B419-F692882408A9} " = Gothic
" {789289CA-F73A-4A16-A331-54D498CE069F} " = Ventrilo
" {7C503E58-B2BC-11D5-978A-0050BA84F5F7} " = Neverwinter Nights
" {7C77393F-8237-3825-A88A-AFAF3C69C072} " = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
" {80CD98CB-995A-4524-826B-D03B331FF12A} " = Restaurant Empire 2
" {837b34e3-7c30-493c-8f6a-2b0f04e2912c} " = Microsoft Visual C++ 2005 Redistributable
" {849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1 " = Counter-Strike 2D 0.1.1.8
" {85EBB283-65AF-4C53-9EBE-7C0A232762F7} " = AGEIA PhysX v7.03.21
" {90110415-6000-11D3-8CFE-0150048383C9} " = Microsoft Office Professional Edition 2003
" {9A25302D-30C0-39D9-BD6F-21E6EC160475} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
" {9FB8CAC0-CCF6-47C9-8EDE-3AC69FD61045} " = Nero 7
" {A3FEC306-FBFF-4B0D-95B9-F9C67C65079E} " = Brother MFL-Pro Suite
" {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} " = Google Update Helper
" {AC76BA86-7AD7-1045-7B44-A81200000003} " = Adobe Reader 8 - Polish
" {B508B3F1-A24A-32C0-B310-85786919EF28} " = Microsoft .NET Framework 2.0 Service Pack 1
" {B6C89654-A6A2-477C-873B-724EC1C56407} " = ScanSoft PaperPort 11
" {D642E38E-0D24-486C-9A2D-E316DD696F4B} " = Microsoft XML Parser
" {EC425CFC-EE78-4A91-AA25-3BFA65B75364} " = Oblivion - Orrery
" {EF295F5C-7B57-47AA-8889-6B3E8E214E89} " = Oblivion - Mehrunes Razor
" {F31E509D-3597-324E-83CF-0C160B2320F0} " = Microsoft .NET Framework 3.5 Language Pack - plk
" {F59205C8-E5FB-43F5-AAB2-16C1760D4F59} " = FaceFilter Studio Brother Edition
" {FFFFFD17-B460-41EB-93F1-C48ABAD63828} " = Oblivion - Thieves Den
" Adobe Flash Player ActiveX " = Adobe Flash Player 10 ActiveX
" Adobe Flash Player Plugin " = Adobe Flash Player 10 Plugin
" allplayer_is1 " = ALLPlayer V4.X
" Audacity_is1 " = Audacity 1.2.6
" BitComet " = BitComet 1.14
" Browser Defender_is1 " = Browser Defender 2.0.6.15
" CCleaner " = CCleaner
" CleanIt! v.2.0_is1 " = CleanIt!
" DivX Setup.divx.com " = DivX Setup
" DofusArena 2.29.0 " = DofusArena 2.29.0
" EAX(tm) Unified (SHELL) " = EAX(tm) Unified (SHELL)
" FINAL FANTASY VIII " = FINAL FANTASY VIII
" foobar2000 " = foobar2000 v1.0.3
" Fraps " = Fraps (remove only)
" Gadu-Gadu 10 " = Gadu-Gadu 10
" GoMan_is1 " = GoMan 0.92a
" Google Updater " = Aktualizator Google
" Hamachi " = Hamachi 1.0.2.2
" Heroes III Armageddon's Blade " = Heroes III Armageddon's Blade
" Heroes III The Restoration of Erathia " = Heroes III The Restoration of Erathia
" Heroes III The Shadow of Death " = Heroes III The Shadow of Death
" ie8 " = Windows Internet Explorer 8
" JAIELangPack " = Japanese Language Support
" KLiteCodecPack_is1 " = K-Lite Codec Pack 5.9.0 (Full)
" LAME for Audacity_is1 " = LAME v3.98.2 for Audacity
" Legacy of Kain: Defiance " = Legacy of Kain: Defiance 1.0
" MediaInfo " = MediaInfo 0.7.32
" Microsoft .NET Framework 3.5 " = Microsoft .NET Framework 3.5
" Microsoft .NET Framework 3.5 Language Pack - plk " = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK
" Mozilla Firefox (3.6.4) " = Mozilla Firefox (3.6.4)
" MSTTS " = Microsoft Text-to-Speech Engine 4.0 (English)
" Multimedia keyboard utility 1.3 " = Multimedia keyboard utility 1.3
" My Global Search Uninstall " = My Global Search Bar
" Myspace Video Downloader_is1 " = Myspace Video Downloader 3.16
" NAPIPROJEKT_is1 " = NAPIPROJEKT 1.0.6.2
" Neffy " = Neffy 1,3,29,0
" NVIDIA Drivers " = NVIDIA Drivers
" Odkurzacz 12.2_is1 " = Odkurzacz 12.2
" RealAlt_is1 " = Real Alternative 2.0.2
" save2pc Converter_is1 " = save2pc Converter 3.46
" System Tool2011 " = System Tool2011
" Teamspeak 2 RC2_is1 " = TeamSpeak 2 RC2
" TeamSpeak 2 Server_is1 " = TeamSpeak 2 Server RC2
" TeamSpeak 3 Client " = TeamSpeak 3 Client
" Tibia_is1 " = Tibia
" TMIPC " = Tibia MULTI-ip changer
" UltraISO_is1 " = UltraISO Premium V9.3
" Vietcong " = Vietcong
" Vietcong Fist Alpha " = Vietcong Fist Alpha
" VLC media player " = VLC media player 1.0.5
" Windows Media Format Runtime " = Windows Media Format Runtime
" WinGimp-2.0_is1 " = GIMP 2.6.7
" WinGTK-2_is1 " = GTK+ 2.6.10-20050823 runtime environment
" WinRAR archiver " = Archiwizator WinRAR
" Wise Disk Cleaner_is1 " = Wise Disk Cleaner 4.83
" Wise Registry Cleaner_is1 " = Wise Registry Cleaner 4 Free 4.9
" Worms Reloaded_is1 " = Worms Reloaded
" XpsEPSC " = XML Paper Specification Shared Components Pack 1.0
" Yahoo! Companion " = Yahoo! Toolbar
" Yahoo! Toolbar " = Yahoo! Toolbar

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-09-25 08:05:53 | Computer Name = MAZU-0590F9D734 | Source = Google Update | ID = 20
Description =

Error - 2010-09-25 19:05:54 | Computer Name = MAZU-0590F9D734 | Source = Google Update | ID = 20
Description =

Error - 2010-09-27 17:40:54 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gothicmod.exe, wersja 1.0.8.11, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x0e8919d8.

Error - 2010-10-01 12:35:04 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibia.exe, wersja 8.5.2.0, moduł powodujący
błąd tibia.exe, wersja 8.5.2.0, adres błędu 0x00001360.

Error - 2010-10-01 12:37:47 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibia.exe, wersja 8.5.2.0, moduł powodujący
błąd tibia.exe, wersja 8.5.2.0, adres błędu 0x00001360.

Error - 2010-10-01 12:41:26 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibia.exe, wersja 8.5.2.0, moduł powodujący
błąd tibia.exe, wersja 8.5.2.0, adres błędu 0x00001360.

Error - 2010-10-11 07:23:44 | Computer Name = MAZU-0590F9D734 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3909, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-10-11 17:20:18 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gothicmod.exe, wersja 1.0.8.11, moduł powodujący
błąd shw32.dll, wersja 6.0.0.3, adres błędu 0x00002626.

Error - 2010-10-14 13:51:59 | Computer Name = MAZU-0590F9D734 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ts3client_win32.exe, wersja 1.0.0.0, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x4b435553.

Error - 2010-10-19 13:52:09 | Computer Name = MAZU-0590F9D734 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 4.1.6.5, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7022
Description = Usługa Windows User Mode Driver Framework zawiesiła się podczas uruchamiania.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7031
Description = Usługa Google Software Updater niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 900000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7034
Description = Usługa Usługa Google Update (gupdate1c9b5289b05cc1c) niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7034
Description = Usługa Cyberlink RichVideo Service(CRVS) niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Usługa COM nagrywania dysków CD IMAPI.

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa COM nagrywania dysków CD IMAPI z
powodu następującego błędu: %%1053

Error - 2011-01-11 14:37:20 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7034
Description = Usługa Windows User Mode Driver Framework niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-01-11 14:52:19 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7031
Description = Usługa Google Software Updater niespodziewanie zakończyła pracę. Wystąpiło
to razy: 2. W przeciągu 900000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2011-01-11 15:11:53 | Computer Name = MAZU-0590F9D734 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AMON z powodu następującego błędu: %%2


< End of report >