ewelina1718 utworzono 18 września 2009 utworzono 18 września 2009 (edytowane) Przy korzystaniu z internetu strony włączają mi się same np.reklamy gier itp. Nie wiem co z tym zrobić. Bardzo proszę o pomoc. Edytowane 18 września 2009 przez Andziorka Przenoszę
Psycholandia komentarz 18 września 2009 komentarz 18 września 2009 Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
ewelina1718 komentarz 18 września 2009 Autor komentarz 18 września 2009 (edytowane) Log do sprawdzenia OTL logfile created on: 2009-09-18 15:38:08 - Run 1OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\maxdata\Moje dokumenty\PobieranieWindows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.2180)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd503,42 Mb Total Physical Memory | 68,36 Mb Available Physical Memory | 13,58% Memory free1,20 Gb Paging File | 0,74 Gb Available in Paging File | 61,69% Paging File freePaging file location(s): C:\pagefile.sys 756 1512 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 14,97 Gb Total Space | 5,57 Gb Free Space | 37,21% Space Free | Partition Type: NTFSDrive D: | 59,55 Gb Total Space | 58,57 Gb Free Space | 98,35% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: MMM-6B538378593Current User Name: maxdataLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exePRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exePRC - [2004-08-04 02:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2005-07-08 20:05:26 | 00,729,178 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exePRC - [2005-02-08 19:36:20 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxtray.exePRC - [2005-02-08 19:32:36 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exePRC - [2005-08-10 00:17:28 | 14,743,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXEPRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exePRC - [2009-01-28 19:31:58 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exePRC - [2006-02-19 02:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exePRC - [2008-08-14 12:26:02 | 09,929,312 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exePRC - [2009-09-01 10:51:42 | 04,726,168 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exePRC - [2006-02-19 04:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exePRC - [2006-03-04 17:40:30 | 00,882,176 | ---- | M] () -- C:\Program Files\Kalendarz XP\Kalendarz.exePRC - [2006-03-23 11:27:34 | 00,602,112 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exePRC - [2006-02-19 05:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exePRC - [2009-09-02 21:20:36 | 00,054,760 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Sukoku\sukoku117.exePRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exePRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exePRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exePRC - [2009-09-02 21:20:36 | 00,054,760 | ---- | M] () -- C:\Program Files\Sukoku\sukoku.exePRC - [2004-08-04 02:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exePRC - [2009-09-13 13:00:06 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009-09-18 15:36:14 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\maxdata\Moje dokumenty\Pobieranie\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2009-09-11 19:12:48 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Stopped])SRV - [2009-09-02 21:20:36 | 00,054,760 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Sukoku\sukoku117.exe -- (Sukoku Service [Auto | Running])SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])========== Driver Services (SafeList) ==========DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running])DRV - [2009-07-21 22:51:47 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running])DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])DRV - [2005-01-07 17:07:16 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])DRV - [2006-04-12 12:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])DRV - [2006-04-12 12:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])DRV - [2006-04-12 12:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])DRV - [2005-03-17 02:50:36 | 00,165,504 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])DRV - [2005-03-17 02:51:16 | 01,033,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])DRV - [2005-02-08 20:00:12 | 00,804,572 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])DRV - [2005-08-10 01:43:46 | 03,855,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])DRV - [2004-03-17 05:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2006-01-19 22:10:50 | 00,363,008 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\RT61.sys -- (RT61 [On_Demand | Running])DRV - [2005-03-04 20:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2005-07-08 19:52:12 | 00,190,560 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])DRV - [2004-06-10 01:42:38 | 00,015,429 | R--- | M] ( ) -- C:\WINDOWS\System32\DRIVERS\Sacm2A.sys -- (USBCM [On_Demand | Running])DRV - [2005-03-17 02:50:32 | 00,705,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com/IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\S-1-5-21-448539723-1614895754-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Winamp Search"FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="FF - prefs.js..browser.search.selectedEngine: "search"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "http://www.google.pl/"FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:2.0.0.1050FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.8.1.4690FF - prefs.js..extensions.enabledItems: {7AB6D133-2A14-4C11-B3AD-35B1548D38F9}:1.0FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF [2009-09-15 19:58:01 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\2.0.0.1050\FF [2009-09-15 19:58:16 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 23:02:16 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 18:12:43 | 00,000,000 | ---D | M][2009-08-20 19:57:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Extensions[2009-08-20 19:57:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-09-17 19:11:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Firefox\Profiles\zfbulp14.default\extensions[2009-08-17 12:25:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Firefox\Profiles\zfbulp14.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}[2009-08-17 12:25:52 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\maxdata\Dane aplikacji\Mozilla\FireFox\Profiles\zfbulp14.default\searchplugins\winamp-search.xml[2009-09-17 19:11:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-09-15 21:30:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{7AB6D133-2A14-4C11-B3AD-35B1548D38F9}[2009-09-13 13:00:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-09-13 13:00:03 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-09-13 13:00:03 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-09-13 13:00:09 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2009-09-05 19:26:55 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-09-05 19:26:55 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-09-05 19:26:55 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-09-05 19:26:55 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-09-05 19:26:55 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-09-09 17:34:13 | 00,001,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml[2009-09-15 21:30:14 | 00,002,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\sukoku117.xml[2009-09-05 19:26:55 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-09-05 19:26:55 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (7311 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: 74.125.45.100 4-open-davinci.comO1 - Hosts: 74.125.45.100 securitysoftwarepayments.comO1 - Hosts: 74.125.45.100 privatesecuredpayments.comO1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.comO1 - Hosts: 74.125.45.100 getantivirusplusnow.comO1 - Hosts: 74.125.45.100 secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getantivirusplusnow.comO1 - Hosts: 74.125.45.100 www.secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getavplusnow.comO1 - Hosts: 74.125.45.100 www.securesoftwarebill.comO1 - Hosts: 74.125.45.100 secure.paysecuresystem.comO1 - Hosts: 74.125.45.100 paysoftbillsolution.comO1 - Hosts: 89.149.227.223 google.aeO1 - Hosts: 89.149.227.223 google.asO1 - Hosts: 89.149.227.223 google.atO1 - Hosts: 89.149.227.223 google.azO1 - Hosts: 89.149.227.223 google.baO1 - Hosts: 89.149.227.223 google.beO1 - Hosts: 89.149.227.223 google.bgO1 - Hosts: 89.149.227.223 google.bsO1 - Hosts: 89.149.227.223 google.caO1 - Hosts: 89.149.227.223 google.cdO1 - Hosts: 89.149.227.223 google.com.ghO1 - Hosts: 89.149.227.223 google.com.hkO1 - Hosts: 194 more lines...O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll ()O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll ()O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll ()O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\maxdata\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.O3 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()O4 - HKU\S-1-5-21-448539723-1614895754-682003330-1003..\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)O4 - HKU\S-1-5-21-448539723-1614895754-682003330-1003..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe ()O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)O4 - Startup: C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: macromedia.com ([fpdownload] https in Zaufane witryny)O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: macromedia.com ([www] https in Zaufane witryny)O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: shockwave.com ([sdc] https in Zaufane witryny)O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.139.8.7 88.156.63.9O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-07-21 22:37:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[3 C:\WINDOWS\*.tmp files][2009-09-18 11:09:46 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2009-09-18 11:06:37 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe[2009-09-18 11:06:37 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2009-09-18 11:06:37 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2009-09-18 11:06:37 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2009-09-18 11:06:37 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2009-09-18 11:06:37 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2009-09-18 11:06:37 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2009-09-18 11:06:37 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2009-09-18 11:06:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2009-09-18 11:06:28 | 00,000,000 | --SD | C] -- C:\ComboFix[2009-09-18 11:06:27 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF680.exe[2009-09-18 11:05:18 | 00,000,000 | ---D | C] -- C:\Qoobox[2009-09-17 13:34:22 | 00,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll[2009-09-17 13:34:21 | 00,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll[2009-09-17 13:34:21 | 00,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll[2009-09-17 13:34:21 | 00,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll[2009-09-17 13:34:20 | 00,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe[2009-09-17 13:34:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead[2009-09-17 13:34:17 | 00,000,000 | ---D | C] -- C:\Program Files\Ahead[2009-09-17 13:33:22 | 00,372,736 | ---- | C] () -- C:\Documents and Settings\maxdata\Moje dokumenty\Dok1.doc[2009-09-17 13:31:00 | 00,000,000 | ---D | C] -- C:\Program Files\UnderCoverXP[2009-09-17 13:18:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Ahead[2009-09-17 12:02:20 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache[2009-09-15 19:59:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Internet Saving Optimizer[2009-09-15 19:58:35 | 00,000,000 | ---D | C] -- C:\Program Files\Sukoku[2009-09-15 19:58:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sukoku[2009-09-15 19:58:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Media Access Startup[2009-09-15 19:58:15 | 00,000,000 | ---D | C] -- C:\Program Files\Media Access Startup[2009-09-15 19:58:00 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Saving Optimizer[2009-09-15 19:57:47 | 00,000,000 | ---D | C] -- C:\Program Files\System Search Dispatcher[2009-09-15 19:57:08 | 00,000,000 | ---D | C] -- C:\Program Files\DoubleD[2009-09-15 19:56:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\DoubleD[2009-09-15 17:10:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Tematy maturalne[2009-09-13 17:19:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\ipla[2009-09-13 17:19:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla[2009-09-13 17:19:16 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk[2009-09-13 17:19:12 | 00,000,000 | ---D | C] -- C:\Program Files\ipla[2009-09-11 19:51:57 | 00,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre[2009-09-11 19:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\Updater[2009-09-11 19:18:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems[2009-09-11 19:13:41 | 00,000,988 | ---- | C] () -- C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk[2009-09-11 19:13:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Adobe PDF[2009-09-11 19:12:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared[2009-09-11 17:40:35 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\maxdata\Moje dokumenty\prezentacja maturalna.doc[2009-09-11 12:41:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Image Zone Express[2009-09-09 17:51:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Malwarebytes[2009-09-09 17:51:08 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk[2009-09-09 17:51:05 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys[2009-09-09 17:51:04 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2009-09-09 17:51:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2009-09-09 17:51:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes[2009-09-09 17:32:52 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\e570506[2009-09-09 09:26:58 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk[2009-09-09 09:26:27 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu[2009-09-06 20:30:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\Pobieranie[2009-09-06 16:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar[2009-09-03 22:07:55 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\Przepisy.doc[2009-09-01 21:48:52 | 03,425,261 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\mike and the mechanics - over my shoulder.mp3[2009-09-01 18:44:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Ewelina[2009-09-01 17:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZipSE[2009-09-01 17:36:46 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip Self-Extractor[2009-09-01 16:25:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\motorola[2009-09-01 16:09:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\muzyka kasia[2009-09-01 15:54:32 | 02,333,970 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\Instrukcja_obslugi_do-Motoroli-MOTO-U9.pdf[2009-08-31 21:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm[2009-08-31 21:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Last.fm[2009-08-31 21:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\Last.fm[2009-08-29 19:01:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\przepisy[2009-08-27 23:29:13 | 03,367,583 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\todd hunter band - i dont want to go home .mp3[2009-08-27 16:33:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Myslovitz[2009-08-27 15:17:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\telefon[2009-08-27 15:00:53 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll[2009-08-27 15:00:52 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll[2009-08-26 12:39:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\HP[2009-08-26 12:38:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP[2009-08-26 12:38:21 | 00,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HP Photosmart Essential.lnk[2009-08-26 12:37:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP[2009-08-26 12:37:41 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk[2009-08-26 12:37:16 | 00,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Centrum obsługi HP.lnk[2009-08-26 12:36:25 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard[2009-08-26 12:36:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard[2009-08-26 12:34:39 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll[2009-08-26 12:34:18 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys[2009-08-26 12:34:18 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys[2009-08-26 12:32:48 | 00,000,000 | ---D | C] -- C:\Program Files\HP[2009-08-26 12:32:19 | 00,000,000 | -H-D | C] -- C:\Config.Msi[2009-08-26 12:31:35 | 00,120,279 | ---- | C] () -- C:\WINDOWS\hpoins11.dat[2009-08-26 12:31:35 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys[2009-08-26 12:31:35 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys[2009-08-26 12:31:23 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys[2009-08-26 12:31:23 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys[2009-08-26 12:30:25 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2009-08-25 17:06:47 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_wrzesień.xls[2009-08-25 17:02:53 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_sierpień.xls[2009-08-25 16:55:53 | 00,036,352 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_maj.xls[2009-08-22 15:04:29 | 00,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe[2009-08-22 15:04:29 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys[2009-08-22 15:04:29 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys[2009-08-21 18:04:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Identities[2009-08-21 18:04:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\WinRAR[2009-08-21 11:31:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Nieużywane skróty pulpitu[2009-07-21 22:51:55 | 00,295,016 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll[2004-08-04 02:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll[2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys[2001-07-22 02:16:20 | 00,000,642 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-22 02:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini[2001-07-07 03:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-09-18 15:32:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-09-18 15:31:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-09-18 11:05:15 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF680.exe[2009-09-17 21:43:45 | 00,068,096 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\Przepisy.doc[2009-09-17 13:33:23 | 00,372,736 | ---- | M] () -- C:\Documents and Settings\maxdata\Moje dokumenty\Dok1.doc[2009-09-15 22:35:20 | 00,000,642 | ---- | M] () -- C:\WINDOWS\win.ini[2009-09-14 02:12:36 | 00,229,888 | ---- | M] () -- C:\WINDOWS\PEV.exe[2009-09-13 17:19:27 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2009-09-13 17:19:16 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk[2009-09-11 20:59:35 | 00,094,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2009-09-11 19:13:41 | 00,000,988 | ---- | M] () -- C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk[2009-09-11 17:40:36 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\maxdata\Moje dokumenty\prezentacja maturalna.doc[2009-09-09 17:51:08 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk[2009-09-09 17:42:54 | 00,007,311 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2009-09-09 09:26:58 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk[2009-09-04 21:15:48 | 03,425,261 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\mike and the mechanics - over my shoulder.mp3[2009-09-04 21:15:16 | 03,367,583 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\todd hunter band - i dont want to go home .mp3[2009-09-01 16:22:24 | 02,333,970 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\Instrukcja_obslugi_do-Motoroli-MOTO-U9.pdf[2009-08-26 12:41:38 | 06,413,670 | -H-- | M] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-08-26 12:39:28 | 00,120,279 | ---- | M] () -- C:\WINDOWS\hpoins11.dat[2009-08-26 12:38:21 | 00,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HP Photosmart Essential.lnk[2009-08-26 12:37:41 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk[2009-08-26 12:37:16 | 00,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Centrum obsługi HP.lnk[2009-08-25 17:07:45 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_sierpień.xls[2009-08-25 17:06:49 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_wrzesień.xls[2009-08-23 17:06:30 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT========== LOP Check ==========[2009-09-15 23:56:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-09-09 18:10:11 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\e570506[2009-09-13 17:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla[2009-08-31 21:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm[2009-09-15 20:01:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sukoku[2009-08-17 11:58:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-09-01 17:36:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZipSE[2009-07-22 00:27:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-09-15 21:30:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-09-17 13:18:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji[2009-09-17 13:18:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Ahead[2009-09-11 12:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Image Zone Express[2009-09-18 15:32:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\ipla[2009-09-03 10:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Nowe Gadu-Gadu[2009-07-21 22:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-09-18 15:32:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD< End of report > Edytowane 18 września 2009 przez Andziorka Wklejam logi w [log]
Psycholandia komentarz 18 września 2009 komentarz 18 września 2009 Wejdź w: C:\WINDOWS\system32\drivers\etc otwórz plik: Hosts notatnikiem i usuń poniższe: O1 - Hosts: 74.125.45.100 4-open-davinci.comO1 - Hosts: 74.125.45.100 securitysoftwarepayments.comO1 - Hosts: 74.125.45.100 privatesecuredpayments.comO1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.comO1 - Hosts: 74.125.45.100 getantivirusplusnow.comO1 - Hosts: 74.125.45.100 secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getantivirusplusnow.comO1 - Hosts: 74.125.45.100 www.secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getavplusnow.comO1 - Hosts: 74.125.45.100 www.securesoftwarebill.comO1 - Hosts: 74.125.45.100 secure.paysecuresystem.comO1 - Hosts: 74.125.45.100 paysoftbillsolution.comO1 - Hosts: 89.149.227.223 google.aeO1 - Hosts: 89.149.227.223 google.asO1 - Hosts: 89.149.227.223 google.atO1 - Hosts: 89.149.227.223 google.azO1 - Hosts: 89.149.227.223 google.baO1 - Hosts: 89.149.227.223 google.beO1 - Hosts: 89.149.227.223 google.bgO1 - Hosts: 89.149.227.223 google.bsO1 - Hosts: 89.149.227.223 google.caO1 - Hosts: 89.149.227.223 google.cdO1 - Hosts: 89.149.227.223 google.com.ghO1 - Hosts: 89.149.227.223 google.com.hkO1 - Hosts: 194 more lines... ma zostać tylko: O1 - Hosts: 127.0.0.1 localhost W okienko OTL wklej poniższy skrypt i klik na Run Fix: :Processesexplorer.exe:OTLO2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.O3 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.):FilesC:\Documents and Settings\All Users\Dane aplikacji\SukokuC:\Program Files\SukokuC:\WINDOWS\PEV.exeC:\WINDOWS\SWXCACLS.exeC:\WINDOWS\SWREG.exeC:\WINDOWS\SWSC.exeC:\WINDOWS\sed.exeC:\WINDOWS\grep.exeC:\WINDOWS\zip.exeC:\WINDOWS\ERDNTC:\WINDOWS\NIRCMD.exeC:\ComboFixC:\WINDOWS\System32\CF680.exeC:\Qoobox:Commands[emptytemp][start explorer][Reboot] Daj nowego loga + tego który powstanie.
ewelina1718 komentarz 18 września 2009 Autor komentarz 18 września 2009 (edytowane) Nowy log: Log do sprawdzenia OTL logfile created on: 2009-09-18 20:34:17 - Run 4OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\maxdata\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 503,42 Mb Total Physical Memory | 107,68 Mb Available Physical Memory | 21,39% Memory free 1,20 Gb Paging File | 0,82 Gb Available in Paging File | 67,95% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,97 Gb Total Space | 5,63 Gb Free Space | 37,60% Space Free | Partition Type: NTFS Drive D: | 59,55 Gb Total Space | 58,57 Gb Free Space | 98,35% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MMM-6B538378593 Current User Name: maxdata Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2004-08-04 02:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2004-08-04 02:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2005-07-08 20:05:26 | 00,729,178 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2005-02-08 19:36:20 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxtray.exe PRC - [2005-02-08 19:32:36 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe PRC - [2005-08-10 00:17:28 | 14,743,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-01-28 19:31:58 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2006-02-19 02:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe PRC - [2006-02-19 04:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-03-04 17:40:30 | 00,882,176 | ---- | M] () -- C:\Program Files\Kalendarz XP\Kalendarz.exe PRC - [2006-03-23 11:27:34 | 00,602,112 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe PRC - [2006-02-19 05:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2009-09-13 13:00:06 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-09-18 15:36:14 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\maxdata\Moje dokumenty\Pobieranie\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2009-09-11 19:12:48 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped]) SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Stopped]) SRV - File not found -- -- (Sukoku Service [Auto | Stopped]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) ========== Driver Services (SafeList) ========== DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running]) DRV - [2009-07-21 22:51:47 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running]) DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running]) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running]) DRV - [2005-01-07 17:07:16 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped]) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2006-04-12 12:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped]) DRV - [2006-04-12 12:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped]) DRV - [2006-04-12 12:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped]) DRV - [2005-03-17 02:50:36 | 00,165,504 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running]) DRV - [2005-03-17 02:51:16 | 01,033,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running]) DRV - [2005-02-08 20:00:12 | 00,804,572 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running]) DRV - [2005-08-10 01:43:46 | 03,855,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2004-03-17 05:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running]) DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running]) DRV - [2006-01-19 22:10:50 | 00,363,008 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\RT61.sys -- (RT61 [On_Demand | Running]) DRV - [2005-03-04 20:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running]) DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped]) DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2005-07-08 19:52:12 | 00,190,560 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV - [2004-06-10 01:42:38 | 00,015,429 | R--- | M] ( ) -- C:\WINDOWS\System32\DRIVERS\Sacm2A.sys -- (USBCM [On_Demand | Running]) DRV - [2005-03-17 02:50:32 | 00,705,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com/ IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKU\S-1-5-21-448539723-1614895754-682003330-1003\S-1-5-21-448539723-1614895754-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:2.0.0.1050 FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.8.1.4690 FF - prefs.js..extensions.enabledItems: {7AB6D133-2A14-4C11-B3AD-35B1548D38F9}:1.0 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF [2009-09-15 19:58:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\2.0.0.1050\FF [2009-09-15 19:58:16 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 23:02:16 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 18:12:43 | 00,000,000 | ---D | M] [2009-08-20 19:57:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Extensions [2009-08-20 19:57:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-18 19:39:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Firefox\Profiles\zfbulp14.default\extensions [2009-08-17 12:25:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\mozilla\Firefox\Profiles\zfbulp14.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-08-17 12:25:52 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\maxdata\Dane aplikacji\Mozilla\FireFox\Profiles\zfbulp14.default\searchplugins\winamp-search.xml [2009-09-18 19:39:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-15 21:30:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{7AB6D133-2A14-4C11-B3AD-35B1548D38F9} [2009-09-13 13:00:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-09-13 13:00:03 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-13 13:00:03 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-09-13 13:00:09 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-09-05 19:26:55 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-09-05 19:26:55 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-09-05 19:26:55 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-09-05 19:26:55 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-09-05 19:26:55 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-09-09 17:34:13 | 00,001,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml [2009-09-15 21:30:14 | 00,002,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\sukoku117.xml [2009-09-05 19:26:55 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-09-05 19:26:55 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (7311 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 74.125.45.100 4-open-davinci.com O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com O1 - Hosts: 74.125.45.100 privatesecuredpayments.com O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com O1 - Hosts: 74.125.45.100 getantivirusplusnow.com O1 - Hosts: 74.125.45.100 secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getavplusnow.com O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com O1 - Hosts: 74.125.45.100 paysoftbillsolution.com O1 - Hosts: 89.149.227.223 google.ae O1 - Hosts: 89.149.227.223 google.as O1 - Hosts: 89.149.227.223 google.at O1 - Hosts: 89.149.227.223 google.az O1 - Hosts: 89.149.227.223 google.ba O1 - Hosts: 89.149.227.223 google.be O1 - Hosts: 89.149.227.223 google.bg O1 - Hosts: 89.149.227.223 google.bs O1 - Hosts: 89.149.227.223 google.ca O1 - Hosts: 89.149.227.223 google.cd O1 - Hosts: 89.149.227.223 google.com.gh O1 - Hosts: 89.149.227.223 google.com.hk O1 - Hosts: 194 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll () O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll () O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll () O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\maxdata\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-448539723-1614895754-682003330-1003..\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-448539723-1614895754-682003330-1003..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.) O4 - Startup: C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: macromedia.com ([fpdownload] https in Zaufane witryny) O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: macromedia.com ([www] https in Zaufane witryny) O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: shockwave.com ([sdc] https in Zaufane witryny) O15 - HKU\S-1-5-21-448539723-1614895754-682003330-1003\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.139.8.7 88.156.63.9 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-21 22:37:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2009-09-18 19:26:31 | 00,000,000 | ---D | C] -- C:\_OTL [2009-09-18 11:09:46 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009-09-17 13:34:34 | 00,089,184 | ---- | C] (Ahead Software AG and its licensors) -- C:\WINDOWS\System32\drivers\imagedrv.sys [2009-09-17 13:34:34 | 00,057,344 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\ImageDrive.cpl [2009-09-17 13:34:22 | 00,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll [2009-09-17 13:34:21 | 00,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll [2009-09-17 13:34:21 | 00,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll [2009-09-17 13:34:21 | 00,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll [2009-09-17 13:34:20 | 00,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe [2009-09-17 13:34:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2009-09-17 13:34:17 | 00,000,000 | ---D | C] -- C:\Program Files\Ahead [2009-09-17 13:33:22 | 00,372,736 | ---- | C] () -- C:\Documents and Settings\maxdata\Moje dokumenty\Dok1.doc [2009-09-17 13:31:00 | 00,000,000 | ---D | C] -- C:\Program Files\UnderCoverXP [2009-09-17 13:18:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Ahead [2009-09-17 12:02:20 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2009-09-15 19:59:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Internet Saving Optimizer [2009-09-15 19:58:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Media Access Startup [2009-09-15 19:58:15 | 00,000,000 | ---D | C] -- C:\Program Files\Media Access Startup [2009-09-15 19:58:00 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Saving Optimizer [2009-09-15 19:57:47 | 00,000,000 | ---D | C] -- C:\Program Files\System Search Dispatcher [2009-09-15 19:57:08 | 00,000,000 | ---D | C] -- C:\Program Files\DoubleD [2009-09-15 19:56:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\DoubleD [2009-09-15 17:10:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Tematy maturalne [2009-09-13 17:19:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\ipla [2009-09-13 17:19:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-09-13 17:19:12 | 00,000,000 | ---D | C] -- C:\Program Files\ipla [2009-09-11 19:51:57 | 00,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre [2009-09-11 19:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\Updater [2009-09-11 19:18:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems [2009-09-11 19:13:41 | 00,000,988 | ---- | C] () -- C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk [2009-09-11 19:13:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Adobe PDF [2009-09-11 19:12:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared [2009-09-11 17:40:35 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\maxdata\Moje dokumenty\prezentacja maturalna.doc [2009-09-11 12:41:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Image Zone Express [2009-09-09 17:51:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\Malwarebytes [2009-09-09 17:51:05 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-09-09 17:51:04 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-09-09 17:51:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009-09-09 17:51:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-09-09 17:32:52 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\e570506 [2009-09-09 09:26:27 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu [2009-09-06 20:30:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\Pobieranie [2009-09-06 16:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar [2009-09-03 22:07:55 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\Przepisy.doc [2009-09-01 18:44:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Ewelina [2009-09-01 17:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZipSE [2009-09-01 17:36:46 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip Self-Extractor [2009-09-01 16:25:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\motorola [2009-09-01 16:09:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\muzyka kasia [2009-09-01 15:54:32 | 02,333,970 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\Instrukcja_obslugi_do-Motoroli-MOTO-U9.pdf [2009-08-31 21:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2009-08-31 21:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Last.fm [2009-08-31 21:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\Last.fm [2009-08-29 19:01:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Moje dokumenty\przepisy [2009-08-27 16:33:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Myslovitz [2009-08-27 15:17:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\telefon [2009-08-27 15:00:53 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2009-08-27 15:00:52 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2009-08-26 12:39:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\HP [2009-08-26 12:38:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP [2009-08-26 12:37:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2009-08-26 12:37:41 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk [2009-08-26 12:36:25 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard [2009-08-26 12:36:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2009-08-26 12:34:57 | 00,016,496 | R--- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys [2009-08-26 12:34:56 | 00,049,664 | R--- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys [2009-08-26 12:34:39 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2009-08-26 12:34:36 | 00,048,128 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll054.dll [2009-08-26 12:34:18 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys [2009-08-26 12:34:18 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys [2009-08-26 12:33:50 | 00,204,800 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipr12.dll [2009-08-26 12:33:50 | 00,094,208 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipt12.dll [2009-08-26 12:33:50 | 00,057,344 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZisn12.dll [2009-08-26 12:33:49 | 00,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe [2009-08-26 12:33:49 | 00,282,680 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZidr12.dll [2009-08-26 12:33:49 | 00,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe [2009-08-26 12:33:49 | 00,065,536 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe [2009-08-26 12:32:48 | 00,000,000 | ---D | C] -- C:\Program Files\HP [2009-08-26 12:32:19 | 00,000,000 | -H-D | C] -- C:\Config.Msi [2009-08-26 12:31:35 | 00,120,279 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2009-08-26 12:31:35 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys [2009-08-26 12:31:35 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2009-08-26 12:31:23 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys [2009-08-26 12:31:23 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2009-08-26 12:30:25 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-08-25 17:06:47 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_wrzesień.xls [2009-08-25 17:02:53 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_sierpień.xls [2009-08-25 16:55:53 | 00,036,352 | ---- | C] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_maj.xls [2009-08-22 15:04:29 | 00,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe [2009-08-22 15:04:29 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys [2009-08-22 15:04:29 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys [2009-08-21 18:04:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\Identities [2009-08-21 18:04:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Dane aplikacji\WinRAR [2009-08-21 11:31:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\maxdata\Pulpit\Nieużywane skróty pulpitu [2009-07-21 22:51:55 | 00,295,016 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll [2004-08-04 02:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-22 02:16:20 | 00,000,642 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 02:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [2001-07-07 03:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI ========== Files - Modified Within 30 Days ========== [2009-09-18 20:29:33 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-18 20:29:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-18 19:24:21 | 00,000,031 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.sam [2009-09-17 21:43:45 | 00,068,096 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\Przepisy.doc [2009-09-17 13:33:23 | 00,372,736 | ---- | M] () -- C:\Documents and Settings\maxdata\Moje dokumenty\Dok1.doc [2009-09-15 22:35:20 | 00,000,642 | ---- | M] () -- C:\WINDOWS\win.ini [2009-09-13 17:19:27 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-11 20:59:35 | 00,094,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-11 19:13:41 | 00,000,988 | ---- | M] () -- C:\Documents and Settings\maxdata\Menu Start\Programy\Autostart\Adobe Gamma.lnk [2009-09-11 17:40:36 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\maxdata\Moje dokumenty\prezentacja maturalna.doc [2009-09-09 17:42:54 | 00,007,311 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-09-01 16:22:24 | 02,333,970 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\Instrukcja_obslugi_do-Motoroli-MOTO-U9.pdf [2009-08-26 12:41:38 | 06,413,670 | -H-- | M] () -- C:\Documents and Settings\maxdata\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-08-26 12:39:28 | 00,120,279 | ---- | M] () -- C:\WINDOWS\hpoins11.dat [2009-08-26 12:37:41 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk [2009-08-25 17:07:45 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_sierpień.xls [2009-08-25 17:06:49 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\maxdata\Pulpit\ewidencja_wrzesień.xls [2009-08-23 17:06:30 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT ========== LOP Check ========== [2009-09-18 19:26:45 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-09-09 18:10:11 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\e570506 [2009-09-13 17:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-08-31 21:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2009-08-17 11:58:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-09-01 17:36:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZipSE [2009-07-22 00:27:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-09-15 21:30:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-09-17 13:18:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji [2009-09-17 13:18:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Ahead [2009-09-11 12:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Image Zone Express [2009-09-18 20:30:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\ipla [2009-09-03 10:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\maxdata\Dane aplikacji\Nowe Gadu-Gadu [2009-07-21 22:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-18 20:29:33 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD < End of report > I to co powstało: Log do sprawdzenia All processes killed========== PROCESSES ========== No active process named explorer.exe was found! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_USERS\S-1-5-21-448539723-1614895754-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ not found. Registry value HKEY_USERS\S-1-5-21-448539723-1614895754-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. ========== FILES ========== File\Folder C:\Documents and Settings\All Users\Dane aplikacji\Sukoku not found. File\Folder C:\Program Files\Sukoku not found. File\Folder C:\WINDOWS\PEV.exe not found. File\Folder C:\WINDOWS\SWXCACLS.exe not found. File\Folder C:\WINDOWS\SWREG.exe not found. File\Folder C:\WINDOWS\SWSC.exe not found. File\Folder C:\WINDOWS\sed.exe not found. File\Folder C:\WINDOWS\grep.exe not found. File\Folder C:\WINDOWS\zip.exe not found. File\Folder C:\WINDOWS\ERDNT not found. File\Folder C:\WINDOWS\NIRCMD.exe not found. File\Folder C:\ComboFix not found. File\Folder C:\WINDOWS\System32\CF680.exe not found. File\Folder C:\Qoobox not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp\Historia\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp\Cookies\index.dat scheduled to be deleted on reboot. ->Temp folder emptied: 65984 bytes File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 33170 bytes User: maxdata ->Temp folder emptied: 5589 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 27403423 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat scheduled to be deleted on reboot. Windows Temp folder emptied: 16384 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 26,28 mb OTL by OldTimer - Version 3.0.14.0 log created on 09182009_202814 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat moved successfully. Registry entries deleted on Reboot... //Daje tagi //MarekM25 Edytowane 18 września 2009 przez MarekM25
Psycholandia komentarz 18 września 2009 komentarz 18 września 2009 Wejdź w: C:\WINDOWS\system32\drivers\etc otwórz plik: Hosts notatnikiem i usuń poniższe: O1 - Hosts: 74.125.45.100 4-open-davinci.comO1 - Hosts: 74.125.45.100 securitysoftwarepayments.comO1 - Hosts: 74.125.45.100 privatesecuredpayments.comO1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.comO1 - Hosts: 74.125.45.100 getantivirusplusnow.comO1 - Hosts: 74.125.45.100 secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getantivirusplusnow.comO1 - Hosts: 74.125.45.100 www.secure-plus-payments.comO1 - Hosts: 74.125.45.100 www.getavplusnow.comO1 - Hosts: 74.125.45.100 www.securesoftwarebill.comO1 - Hosts: 74.125.45.100 secure.paysecuresystem.comO1 - Hosts: 74.125.45.100 paysoftbillsolution.comO1 - Hosts: 89.149.227.223 google.aeO1 - Hosts: 89.149.227.223 google.asO1 - Hosts: 89.149.227.223 google.atO1 - Hosts: 89.149.227.223 google.azO1 - Hosts: 89.149.227.223 google.baO1 - Hosts: 89.149.227.223 google.beO1 - Hosts: 89.149.227.223 google.bgO1 - Hosts: 89.149.227.223 google.bsO1 - Hosts: 89.149.227.223 google.caO1 - Hosts: 89.149.227.223 google.cdO1 - Hosts: 89.149.227.223 google.com.ghO1 - Hosts: 89.149.227.223 google.com.hkO1 - Hosts: 194 more lines... i zapisz plik ma zostać tylko: O1 - Hosts: 127.0.0.1 localhost
ewelina1718 komentarz 18 września 2009 Autor komentarz 18 września 2009 Niestety to nic nie dało. Strony dalej się włączają.
pr0oli komentarz 22 stycznia 2010 komentarz 22 stycznia 2010 Mam ten sam problem od miesiąca nie wiem co robic pomóżcie PS. Doadałem załacznik z Log bo nie wiem jak dodać innaczej.
Mateusz J. komentarz 23 stycznia 2010 komentarz 23 stycznia 2010 [b]pr0oli[/b] Uruchom OTL i w oknie Custom Scans/Fixes wklej[code] :OTL SRV - [2009-12-09 14:06:42 | 00,046,456 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\QuestService\questservice111.exe -- (QuestService Service) FF - HKLM\software\mozilla\Firefox\Extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}: C:\Program Files (x86)\Gameztar Toolbar\2.1.3.6670\FFToolbar [2009-12-18 20:36:04 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files (x86)\Web Search Operator\4.1.0.2080\FF [2009-12-18 20:36:18 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5290\FF [2009-12-18 20:36:27 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files (x86)\Customized Platform Advancer\4.1.0.1960\FF [2009-12-18 20:36:41 | 00,000,000 | ---D | M] O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll () O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files (x86)\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files (x86)\Content Management Wizard\1.1.0.1990\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files (x86)\Textual Content Provider\1.1.0.1810\TCPIE.dll () O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files (x86)\Web Search Operator\4.1.0.2080\WSO.dll () O3 - HKLM\..\Toolbar: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files (x86)\Gameztar Toolbar\2.1.3.6670\mvb0.dll () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing :Files C:\ProgramData\QuestService C:\Program Files (x86)\Gameztar Toolbar C:\Program Files (x86)\Web Search Operator C:\Program Files (x86)\Automated Content Enhancer C:\Program Files (x86)\Customized Platform Advancer :Commands [emptytemp] [Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera. Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.