Zainstalował się wirus XP Antispyware 2012. Nie można wejść na strony przez Explorera jedynie przez Firefoxa. Nie działa tez “msconfig”. Odinstalowałem Power ISO ale z “dodaj usuń programy” natomiast tego SPTDinst nie mogę już uruchomić. Jest źle i jeszcze do tej pory tak źle nie miałem :(. Wklejam logi z OTL i proszę o pomoc. Co mam zrobić w sytuacji gdy wiele programów przez ten Wirus nie chce się uruchamiać np Hijacthis. Jeszcze niczym go nie skanowałem ale słyszałem że restartuje kompa przy próbie wykrycia.
OTL logfile created on: 2012-01-14 12:51:27 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Art\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,50 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 60,09% Memory free
3,35 Gb Paging File | 2,93 Gb Available in Paging File | 87,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 198,80 Gb Free Space | 85,37% Space Free | Partition Type: NTFS
Computer Name: ART-E4E8E5E42D7 | User Name: Art | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-01-14 12:50:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Art\Moje dokumenty\Pobieranie\OTL.com
PRC - [2012-01-14 12:36:31 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-01-12 16:22:48 | 000,275,456 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\miw.exe
PRC - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010-07-20 10:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-06-22 13:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-06-14 14:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009-11-09 04:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-11-30 10:47:52 | 000,013,888 | ---- | M] (ewido networks) -- C:\Program Files\ewido anti-malware\ewidoctrl.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-01-14 12:36:31 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010-12-17 16:19:38 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009-11-03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007-05-08 01:59:08 | 000,137,216 | ---- | M] () -- C:\WINDOWS\system32\OemSpi.dll
MOD - [2001-10-28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011-02-11 17:42:57 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-06-14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005-11-30 10:47:52 | 000,013,888 | ---- | M] (ewido networks) [Auto | Running] -- C:\Program Files\ewido anti-malware\ewidoctrl.exe -- (ewido security suite control)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2012-01-14 12:24:38 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{B90E4536-89EE-455E-9C73-B9C0831DCAB1}\MpKsl268fe7e4.sys -- (MpKsl268fe7e4)
DRV - [2010-02-26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-11-09 04:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-11-03 12:39:04 | 005,940,736 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-11-21 17:06:26 | 001,174,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)
DRV - [2007-10-10 19:31:08 | 001,664,384 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)
DRV - [2006-08-07 12:30:52 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005-12-08 04:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005-12-08 04:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005-03-04 04:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-776561741-706699826-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-776561741-706699826-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-776561741-706699826-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: codiprog@fbplus.plugin:1.8
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-09-01 11:18:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-14 12:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-14 12:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-09-01 11:18:21 | 000,000,000 | ---D | M]
[2011-03-02 09:36:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Extensions
[2012-01-14 12:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Firefox\Profiles\9mqwi7h4.default\extensions
[2010-04-28 10:34:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Firefox\Profiles\9mqwi7h4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-08-08 18:42:53 | 000,000,000 | ---D | M] ("Face Cool Smileys (FB Plus)") -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Firefox\Profiles\9mqwi7h4.default\extensions\codiprog@fbplus.plugin
[2011-03-09 14:31:13 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Firefox\Profiles\9mqwi7h4.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011-03-01 19:59:00 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Art\Dane aplikacji\Mozilla\Firefox\Profiles\9mqwi7h4.default\extensions\firefox@tvunetworks.com
[2012-01-14 12:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-12-28 11:43:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-09-01 11:18:19 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-776561741-706699826-725345543-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-776561741-706699826-725345543-1004..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-776561741-706699826-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C409D791-30C1-4BE6-9ABE-88D1194F069D}: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {54D9498B-CF93-414F-8984-8CE7FDE0D391} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-22 12:58:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-776561741-706699826-725345543-1004\...exe [@ = kD] -- "C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\miw.exe" -a "%1" %* (?????????? ??????????)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-01-12 16:22:48 | 000,275,456 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\miw.exe
[2012-01-07 13:13:06 | 000,000,000 | ---D | C] -- C:\6ab991cf6e042dada3dede
[2012-01-03 13:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\PITy
[2012-01-03 13:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PITy
[2012-01-03 13:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PITy
[2012-01-03 13:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\Infonetax
[2012-01-03 13:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Infonetax
[2012-01-03 13:26:20 | 000,000,000 | ---D | C] -- C:\Infonetax
[2011-12-23 09:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Art\Menu Start\Programy\ING Sidoma 8
[2009-12-30 14:47:55 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-01-14 12:29:29 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012-01-14 12:27:45 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{92FBEB16-4D65-4D3F-9D9A-255368609878}.job
[2012-01-14 12:24:45 | 000,010,964 | -HS- | M] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\of4fh85sio42715cd0i54o0x377l1m862626w4k4n5uoy
[2012-01-14 12:24:45 | 000,010,964 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\of4fh85sio42715cd0i54o0x377l1m862626w4k4n5uoy
[2012-01-14 12:24:42 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-14 12:24:41 | 000,007,883 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-14 12:24:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-01-12 16:22:48 | 000,275,456 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\miw.exe
[2012-01-12 16:11:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-12 12:01:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-01-08 10:55:03 | 000,491,072 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-01-08 10:55:03 | 000,433,144 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-01-08 10:55:03 | 000,084,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-01-08 10:55:03 | 000,067,920 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-01-03 13:39:38 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Art\Pulpit\PITy roczne.lnk
[2012-01-03 13:33:14 | 000,003,845 | ---- | M] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\unins000.dat
[2012-01-03 13:32:14 | 000,723,981 | ---- | M] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\unins000.exe
[2012-01-03 13:26:24 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PIT-OPP 2011.lnk
[2011-12-30 20:54:54 | 000,002,389 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-23 09:50:21 | 000,001,822 | ---- | M] () -- C:\Documents and Settings\Art\Pulpit\ING SidomaOnLine 8.lnk
[2011-12-23 00:30:21 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-01-12 16:22:48 | 000,010,964 | -HS- | C] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\of4fh85sio42715cd0i54o0x377l1m862626w4k4n5uoy
[2012-01-12 16:22:48 | 000,010,964 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\of4fh85sio42715cd0i54o0x377l1m862626w4k4n5uoy
[2012-01-03 13:39:38 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Art\Pulpit\PITy roczne.lnk
[2012-01-03 13:31:40 | 000,723,981 | ---- | C] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\unins000.exe
[2012-01-03 13:31:40 | 000,003,845 | ---- | C] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\unins000.dat
[2012-01-03 13:26:24 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PIT-OPP 2011.lnk
[2011-12-30 20:54:54 | 000,002,389 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-19 16:13:19 | 000,000,458 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{92FBEB16-4D65-4D3F-9D9A-255368609878}.job
[2011-03-14 10:59:04 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2010-03-10 13:54:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010-01-15 18:51:46 | 000,240,640 | ---- | C] () -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-11 21:44:29 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-01-08 10:55:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-12-31 13:32:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-30 14:51:19 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini
[2009-12-30 14:47:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2009-12-30 14:47:54 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2009-12-22 13:45:53 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-12-22 13:44:50 | 001,489,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-22 12:59:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-12-22 12:55:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006-12-22 02:55:46 | 000,023,273 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2006-08-23 11:47:00 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini
[2005-03-08 07:17:08 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004-08-04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004-08-04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004-08-04 13:00:00 | 000,491,072 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2004-08-04 13:00:00 | 000,433,144 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004-08-04 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2004-08-04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004-08-04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004-08-04 13:00:00 | 000,084,268 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2004-08-04 13:00:00 | 000,067,920 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004-08-04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004-08-04 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2004-08-04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004-08-04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-08-04 13:00:00 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004-08-04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
< End of report >
OTL Extras logfile created on: 2012-01-14 12:51:27 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Art\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,50 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 60,09% Memory free
3,35 Gb Paging File | 2,93 Gb Available in Paging File | 87,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 198,80 Gb Free Space | 85,37% Space Free | Partition Type: NTFS
Computer Name: ART-E4E8E5E42D7 | User Name: Art | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-776561741-706699826-725345543-1004\SOFTWARE\Classes\]
.exe [@ = Awo] -- C:\Documents and Settings\Art\Ustawienia lokalne\Dane aplikacji\miw.exe (?????????? ??????????)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (sms-express.com)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Sti\SterlingTraderPro\Base.exe" = C:\Program Files\Sti\SterlingTraderPro\Base.exe:*:Enabled:Base -- ()
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1" = AML Free Registry Cleaner 4.20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack
"{494367EC-82A9-4C0D-A788-74A967998E8C}" = FOREX DoAkcji - Platforma Transakcyjna
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}" = Sound Blaster X-Fi Xtreme Audio
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{670A2206-F20A-490C-8C13-25EA88BF8E53}_is1" = e-pity 2010
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C9DDCAA-91E1-4DAA-BC65-68BD80546B98}}_is1" = PIT-OPP 2011
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9590C850-8A55-43DB-A413-DFF6E5636570}" = PC Connectivity Solution
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E7EBCC-6F38-4534-AC3E-183EFDA135F0}" = Nokia Ovi Suite
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F9EBCE70-48D4-4176-9358-52FF05DBF4CB}" = Sterling Trader Pro
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"ALLPlayer_is1" = ALLPlayer V4.X
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Pakiet sterowników systemu Windows - Nokia Modem (03/05/2008 3.7)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Pakiet sterowników systemu Windows - Nokia Modem (03/13/2008 6.86.0.1)
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"ewidoantimalware" = ewido anti-malware
"FOREX DoAkcji - Platforma Transakcyjna" = FOREX DoAkcji - Platforma Transakcyjna
"Gadu-Gadu" = Gadu-Gadu 6.1
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.12
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.0
"PITy 2009_is1" = PITy 2009 dla Windows kompilacja:1.1.2.0
"PITy 2011_is1" = PITy 2011
"Pity Format 2010_is1" = Pity Format 2010
"PokerStars" = PokerStars
"PowerISO" = PowerISO
"RealAlt_is1" = Real Alternative 2.0.2
"Revo Uninstaller" = Revo Uninstaller 1.91
"Rozliczenie Roczne Rzeczpospolitej 2009" = Rozliczenie Roczne Rzeczpospolitej 2009
"Soulseek2" = SoulSeek 157 NS 13e
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-776561741-706699826-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ING SidomaOnLine 8" = ING SidomaOnLine 8
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[Application Events]
Error - 2011-12-13 06:07:18 | Computer Name = ART-E4E8E5E42D7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-12-14 15:42:57 | Computer Name = ART-E4E8E5E42D7 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł
powodujący błąd mshtml.dll, wersja 8.0.6001.19154, adres błędu 0x00067a38.
Error - 2011-12-15 04:52:42 | Computer Name = ART-E4E8E5E42D7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-12-15 04:52:53 | Computer Name = ART-E4E8E5E42D7 | Source = Application Hang | ID = 1001
Description = Pakiet błędów 1180947459.
Error - 2011-12-21 09:20:24 | Computer Name = ART-E4E8E5E42D7 | Source = SecurityCenter | ID = 1802
Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend
zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy.
Error - 2011-12-23 19:13:25 | Computer Name = ART-E4E8E5E42D7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-12-30 08:10:43 | Computer Name = ART-E4E8E5E42D7 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł
powodujący błąd mshtml.dll, wersja 8.0.6001.19170, adres błędu 0x00067978.
Error - 2012-01-07 16:31:01 | Computer Name = ART-E4E8E5E42D7 | Source = MsiInstaller | ID = 11704
Description = Produkt: Microsoft .NET Framework 3.5 SP1 -- Error 1704.Instalacja
Microsoft .NET Framework 2.0 Service Pack 2 jest w tej chwili wstrzymana. Przed
kontynuacją musisz cofnąć zmiany dokonane przez tę instalację. Chcesz cofnąć zmiany?
Error - 2012-01-10 06:28:56 | Computer Name = ART-E4E8E5E42D7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2012-01-14 07:34:30 | Computer Name = ART-E4E8E5E42D7 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
[System Events]
Error - 2011-12-21 09:20:24 | Computer Name = ART-E4E8E5E42D7 | Source = DCOM | ID = 10010
Description = Serwer {8BC3F05E-D86B-11D0-A075-00C04FB68820} nie zarejestrował się
w modelu DCOM w wymaganym czasie.
Error - 2012-01-14 07:34:30 | Computer Name = ART-E4E8E5E42D7 | Source = Microsoft Antimalware | ID = 2001
Description = Program %%860 napotkał błąd podczas próby aktualizacji podpisów. Nowa
wersja podpisu: Poprzednia wersja podpisu: 1.117.2670.0 Źródło aktualizacji: %%859
Etap
aktualizacji %%852 Ścieżka źródła: Default URL Typ podpisu: %%800 Typ aktualizacji:
%%803 Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja
aparatu: 1.1.7903.0 Kod błędu: 0x80070424 Opis błędu: Określona usługa nie istnieje
jako usługa zainstalowana.
< End of report >
Dzięki za pomoc i pozdrawiam