A.S.O.S. utworzono 3 lipca 2009 utworzono 3 lipca 2009 Mam 2 dyski. Pierwszy jako dysk C i jako Master. Drugi jako dyski D i E. Podczas pracy komputera (od przedwczoraj, a na całego od wczoraj - wcześniej zdarzało się to rzadko) już po uruchomieniu sytemu komputer zawiesza się na trochę - góra kilka minut i potem po "odwieszeniu" wyskakuje informacja, że HDD - dysk D i E zostały odłączone i faktycznie nie ma do nich dostępu, a przynajmniej nie ma ich w oknie "Mój Komputer". Przy czym praca na kompie przebiega poprawnie. Przedwczoraj po uruchomieniu komputera wyskoczyła informacja tego typu, że jest problem z dyskiem i oprócz naciśnięcia F1 jak i klawisza Del nic więcej nie dało się włączyć/uruchomić. Po którymś wyłączeniu i ponownym włączeniu komputera zaskoczyło i system poprawnie się załadował. Wczoraj ta sama sytuacja, ale juz kilkukrotne off/on komputera nic nie dalo - próbowałem w opcjach zmienić/pozmieniać ustawienia HDD na różne sposoby, ale nic - po czym ustawiłem opcje do wersji którą zastałem. Kilka godzin później ponownie włączam komputer, ale bez nadziei - a tu po trzecim uruchomieniu zaskoczył, przy czym przy dwóch włączeniach był czarny ekran. Bodajże przedwczoraj zainstalowałem aplikacje CWK (Czasowy Wyłącznik Komputera) i to bodajże od wtedy są problemy przy uruchamianiu komputera. Może przypadek, a może ma to wpływ. Z innych problemów, to zdarzy sie, że komputer się sam ponownie uruchomi. Ogólnie wolno chodzi, np. stworzenie nowego folderu, nazwanie i zapisanie trochę czasami trwa. Komputer juz dawno formata nie miał, cudem techniki nie jest, ale mógłby chodzić szybciej. Podczas oglądania niektórych filmów nie ma płynności w odtwarzaniu - SubEdit-Player zajmuje całe CPU i to mu za mało jeszcze. Przy oglądaniu video np. na YouTube, gdzie włączona mam tylko tą kartę, a wszystko co możliwe powyłączane, także nie ma płynności wideo - audio ok ale obraz przycina. net ok. HijackThis Logfile of Trend Micro HijackThis v2.0.2Scan saved at 04:20:58, on 2009-07-03Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\WINNT\system32\bgsvcgen.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\PC Tools Firewall Plus\FWService.exeC:\WINNT\system32\MSTask.exeC:\WINNT\system32\stisvc.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\system32\mspmspsv.exeC:\WINNT\system32\svchost.exeC:\WINNT\Explorer.EXEC:\Program Files\PC Tools Firewall Plus\FirewallGUI.exeC:\WINNT\system32\NOTEPAD.EXEC:\WINNT\system32\NOTEPAD.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\WINNT\system32\taskmgr.exeC:\WINNT\System32\calc.exeC:\Documents and Settings\Sławek\Pulpit\z dysku E\Gadu-Gadu\gg.exeC:\WINNT\system32\mshta.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logonO4 - HKLM\..\Run: [instantAccess] C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe /hO4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUNO4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -sO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')O4 - Startup: danwe do burlit.txtO4 - Startup: m ja.txtO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exeO23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe--End of file - 3558 bytes . Silent Runners "Silent Runners.vbs", revision 59, http://www.silentrunners.org/Operating System: Windows 2000Output limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"Synchronization Manager" = "mobsync.exe /logon" [MS]"InstantAccess" = "C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe /h" [null data]"REGSHAVE" = "C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN" ["FUJI PHOTO FILM CO., LTD."]"00PCTFW" = ""C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s" ["PC Tools"]"avgnt" = ""C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min" ["Avira GmbH"]HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\(Default) = "Microsoft Windows Media Player" \StubPath = "rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserRemove" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found]"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINNT\System32\hticons.dll" ["Hilgraeve, Inc."]"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]"{D0FAC080-AE1A-11ce-8016-CE90976DC901}" = "Picture Publisher File Viewer" -> {HKLM...CLSID} = "Picture Publisher File Viewer" \InProcServer32\(Default) = "ppiv30.dll" [null data]"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]Default executables:--------------------<<!>> HKLM\SOFTWARE\Classes\.com\(Default) = "ComFile"Group Policies {GPedit.msc branch and setting}:-----------------------------------------------Note: detected settings may not have any effect.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDrives" = (REG_DWORD) dword:0x00000000{unrecognized setting}"CDRAutoRun" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDrives" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|Shutdown: Allow system to be shut down without having to log on}"DisableRegistryTools" = (REG_DWORD) dword:0x00000000{unrecognized setting}Active Desktop and Wallpaper:-----------------------------Active Desktop may be enabled at this entry:HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellStateDisplayed if Active Desktop enabled and wallpaper not set by Group Policy:HKCU\Software\Microsoft\Internet Explorer\Desktop\General\"Wallpaper" = "%APPDATA%\Mozilla\Firefox\Tapeta pulpitu.bmp"Displayed if Active Desktop disabled and wallpaper not set by Group Policy:HKCU\Control Panel\Desktop\"Wallpaper" = "C:\Documents and Settings\Sławek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp"Enabled Screen Saver:---------------------HKCU\Control Panel\Desktop\"SCRNSAVE.EXE" = "C:\WINNT\system32\scrnsave.scr" [MS]Startup items in "Sławek" & "All Users" startup folders:--------------------------------------------------------C:\Documents and Settings\Sławek\Menu Start\Programy\Autostart<<!>> "danwe do burlit.txt" [null data]<<!>> "m ja.txt" [null data]C:\Documents and Settings\All Users\Menu Start\Programy\Autostart"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]Winsock2 Service Provider DLLs:-------------------------------Namespace Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}000000000001\LibraryPath = "%SystemRoot%\System32\rnr20.dll" [MS]000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]Transport Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:%SystemRoot%\system32\msafd.dll [MS], 01 - 03, 06 - 17%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05Toolbars, Explorer Bars, Extensions:------------------------------------Explorer BarsHKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]Extensions (Tools menu items, main toolbar menu buttons)HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\"MenuText" = "Sun Java Console""CLSIDExtension" = "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.6.0_03" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.6.0_03" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll" ["Sun Microsystems, Inc."]{3AD14F0C-ED16-4E43-B6D8-661B03F6A1EF}\"ButtonText" = "PokerStars""Exec" = "C:\Program Files\PokerStars\PokerStarsUpdate.exe" [file not found]{92780B25-18CC-41C8-B9BE-3C9C571A8263}\"ButtonText" = "Badanie"Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------Avira AntiVir Personal - Free Antivirus Guard, AntiVirService, ""C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"" ["Avira GmbH"]Avira AntiVir Personal - Free Antivirus Scheduler, AntiVirScheduler, ""C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"" ["Avira GmbH"]B's Recorder GOLD Library General Service, bgsvcgen, "C:\WINNT\system32\bgsvcgen.exe" ["B.H.A Corporation"]HID Input Service, HidServ, "C:\WINNT\system32\hidserv.exe" [MS]Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]PC Tools Firewall Plus, PCToolsFirewallPlus, "C:\Program Files\PC Tools Firewall Plus\FWService.exe" ["PC Tools"]System zdarzeń COM+, EventSystem, "C:\WINNT\System32\svchost.exe -k netsvcs" {"C:\WINNT\System32\es.dll" [null data]}Accessibility Tools:--------------------HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Narrator\"Application Path" = (empty string) [file not found]"Display Name" = "Narrator""Start with Utility Manager" = dword:0x00000001Print Monitors:---------------HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\hpzlnt04\Driver = "hpzlnt04.dll" ["HP"]Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]---------- (launch time: 2009-07-03 05:13:27)<<!>>: Suspicious data at a malware launch point.+ This report excludes default entries except where indicated.+ To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter.+ The search for DESKTOP.INI DLL launch points on all local fixed drives took 769 seconds.---------- (total run time: 1750 seconds)
Gość komentarz 3 lipca 2009 komentarz 3 lipca 2009 O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) Fix w HJT. Ogólnie w logach nic nie ma tych. Daj log z >>> DDS + OTL + RSIT'a. .
A.S.O.S. komentarz 4 lipca 2009 Autor komentarz 4 lipca 2009 (edytowane) DDS DDS DDS (Ver_09-06-26.01) - FAT32x86 Run by Sławek at 2:18:34,99 on So 2009-07-04Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_03============== Pseudo HJT Report ===============BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dllTB: {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No FileEB: Pasek multimediów: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\system32\browseui.dllmRun: [synchronization Manager] mobsync.exe /logonmRun: [instantAccess] c:\program files\scannerp\tbridge\bin\InstantAccess.exe /hmRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUNmRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -smRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /mindRun: [internat.exe] internat.exeuPolicies-disallowrun: 1 = avnotify.exeIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dllDPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cabDPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cabDPF: {0000000A-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CABDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab================= FIREFOX ===================FF - ProfilePath - FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}============= SERVICES / DRIVERS ============================== Created Last 30 ================2009-07-03 16:31 <DIR> --d----- C:\FOUND.0022009-07-01 05:59 <DIR> --d----- c:\program files\Damian Pasternak==================== Find3M ====================2009-05-07 08:41 264,976 a------- c:\winnt\system32\LOCALSPL.DLL2009-05-07 08:41 264,976 -------- c:\winnt\system32\dllcache\localspl.dll2009-05-01 15:18 463,360 a------- c:\winnt\system32\dllcache\URLMON.DLL2009-04-27 02:38 520,757 ---sh--- c:\winnt\svchost.pif2009-04-24 11:55 96,016 a------- c:\winnt\system32\WIN32SPL.DLL2009-04-24 11:55 96,016 -------- c:\winnt\system32\dllcache\win32spl.dll2009-04-24 11:51 580,608 a------- c:\winnt\system32\WININET.DLL2009-04-24 11:51 580,608 a------- c:\winnt\system32\dllcache\WININET.DLL2009-04-24 11:51 1,340,416 a------- c:\winnt\system32\dllcache\SHDOCVW.DLL2009-04-24 11:51 403,456 a------- c:\winnt\system32\dllcache\SHLWAPI.DLL2009-04-24 11:50 2,707,456 a------- c:\winnt\system32\dllcache\MSHTML.DLL2009-04-24 11:50 498,176 a------- c:\winnt\system32\dllcache\MSTIME.DLL2009-04-24 11:50 132,096 a------- c:\winnt\system32\dllcache\MSRATING.DLL2009-04-24 11:50 236,032 a------- c:\winnt\system32\dllcache\IEPEERS.DLL2009-04-24 11:50 70,144 a------- c:\winnt\system32\dllcache\INSENG.DLL2009-04-24 11:50 1,018,880 a------- c:\winnt\system32\dllcache\BROWSEUI.DLL2009-04-24 11:50 143,872 a------- c:\winnt\system32\dllcache\CDFVIEW.DLL2009-04-22 15:39 437,008 a------- c:\winnt\system32\rpcrt4.dll2009-04-22 15:39 437,008 -------- c:\winnt\system32\dllcache\rpcrt4.dll2009-04-22 01:30 5,058 a------- c:\winnt\help\hhcolreg.dat2009-04-21 15:15 12,288 a------- c:\winnt\system32\dllcache\JSPROXY.DLL2009-04-21 15:14 34,816 a------- c:\winnt\system32\dllcache\PNGFILT.DLL2009-04-21 15:14 351,744 a------- c:\winnt\system32\dllcache\DXTMSFT.DLL2009-04-21 15:14 192,512 a------- c:\winnt\system32\dllcache\DXTRANS.DLL2009-04-20 22:49 2,560 a------- c:\winnt\_MSRSTRT.EXE2009-04-19 21:25 1,645,264 a------- c:\winnt\system32\WIN32K.SYS2009-04-19 21:25 1,645,264 -------- c:\winnt\system32\dllcache\win32k.sys2009-04-19 03:16 57,344 a------- c:\winnt\uneng.exe2009-04-08 04:42 16,384 a------- c:\winnt\system32\Perflib_Perfdata_5cc.dat2007-09-25 03:34 22,039 ----h--- c:\program files\folder.htt2007-09-25 03:34 271 ----h--- c:\program files\desktop.ini2000-03-21 00:00 32,528 a------- c:\winnt\inf\wbfirdma.sys============= FINISH: 2:20:18,14 =============== Attach ==== Installed Programs ======================Adobe Flash Player 10 PluginAdobe Reader 8 - PolishAktualizacja zabezpieczeń dla Windows 2000 (KB904706)Ant Movie CatalogAvira AntiVir Personal - Free AntivirusBudzik 1.04CCleaner (remove only)CWK (Czasowy Wyłącznik Komputera)EVEREST Home Edition v2.20Free YouTube to Mp3 Converter version 3.1FUJIFILM USB DriverGameDesire-PokerHijackThis 2.0.2Hotfix for MDAC 2.80 (KB927779)hp deskjet 840c seriesIrfanView (remove only)Java 6 Update 3KLE&PLE and UtilitiesMicrosoft Office 2000 PremiumMicrosoft Office Professional Edition 2003Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Mozilla Firefox (3.0.11)Pakiet zbiorczy aktualizacji 1 dla systemu Windows 2000 SP4PC Tools Firewall Plus 5.0Plustek EPP ScannerPoprawka programu Windows Media Player [Aby uzyskać więcej informacji, należy zapoznać się z artykułem Q828026]RealPlayerREALTEK GbE & FE Ethernet PCI NIC DriverSkype? 3.8SubEdit-PlayerUninstall 1.0.0.1WinampWinRAR archiver==== End Of File =========================== OTL (loga Extras nie otrzymałem) OTL logfile created on: 2009-07-04 03:56:00 - Run 1OTL by OldTimer - Version 3.0.6.4 Folder = C:\Documents and Settings\Sławek\Pulpit\otllWindows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstationInternet Explorer (Version = 6.0.2800.1106)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd247,53 Mb Total Physical Memory | 18,48 Mb Available Physical Memory | 7,47% Memory free597,71 Mb Paging File | 170,21 Mb Available in Paging File | 28,48% Paging File freePaging file location(s): C:\pagefile.sys 372 744 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program FilesDrive C: | 13,93 Gb Total Space | 1,81 Gb Free Space | 12,96% Space Free | Partition Type: FAT32Drive D: | 2,93 Gb Total Space | 0,30 Gb Free Space | 10,31% Space Free | Partition Type: NTFSDrive E: | 5,08 Gb Total Space | 1,04 Gb Free Space | 20,49% Space Free | Partition Type: FAT32F: Drive not present or media not loadedDrive G: | 367,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFSH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: S-FRQF563C9OOQHCurrent User Name: SławekLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2008-10-15 13:31:54 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exePRC - [2008-10-15 13:30:04 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exePRC - [2005-04-30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINNT\System32\bgsvcgen.exePRC - [2003-06-19 21:05:04 | 00,019,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\hidserv.exePRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEPRC - [2008-12-11 16:58:44 | 00,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exePRC - [2005-06-03 15:25:36 | 00,122,640 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\MSTask.exePRC - [2003-06-19 21:05:04 | 00,062,224 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\stisvc.exePRC - [2003-06-19 21:05:04 | 00,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\WBEM\WinMgmt.exePRC - [2001-05-01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\mspmspsv.exePRC - [2003-06-19 21:05:04 | 00,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Explorer.EXEPRC - [2009-02-23 10:49:16 | 02,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exePRC - [2008-06-12 13:28:46 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exePRC - [2009-06-12 04:00:56 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2005-11-16 12:57:56 | 02,207,744 | ---- | M] (Gadu-Gadu Sp. z oo) -- C:\Documents and Settings\Sławek\Pulpit\z dysku E\Gadu-Gadu\gg.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2009-07-04 01:06:14 | 00,359,929 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\dds.pifPRC - [2009-07-04 02:32:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sławek\Pulpit\otll\OTL.exePRC - [2000-03-21 01:00:00 | 00,091,920 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\calc.exePRC - [2000-03-21 01:00:00 | 00,051,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\notepad.exe========== Win32 Services (SafeList) ==========SRV - [2008-10-15 13:31:54 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])SRV - [2008-10-15 13:30:04 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])SRV - [2005-04-30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINNT\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,147,728 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\dmadmin.exe -- (dmadmin [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,095,504 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\faxsvc.exe -- (Fax [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,019,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\hidserv.exe -- (HidServ [Auto | Running])SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2008-12-11 16:58:44 | 00,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\regsvc.exe -- (RemoteRegistry [Auto | Stopped])SRV - [2005-06-03 15:25:36 | 00,122,640 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\MSTask.exe -- (Schedule [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,062,224 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\stisvc.exe -- (StiSvc [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,022,800 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\UtilMan.exe -- (UtilMan [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\WBEM\WinMgmt.exe -- (WinMgmt [Auto | Running])SRV - [2001-05-01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\mspmspsv.exe -- (WMDM PMSP Service [Auto | Running])========== Driver Services (SafeList) ==========DRV - [1999-09-25 03:16:54 | 00,036,368 | ---- | M] (Adaptec, Inc ) -- C:\WINNT\System32\DRIVERS\adptsf50.sys -- (ADPTSF [On_Demand | Stopped])DRV - [2009-05-31 13:42:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [system | Running])DRV - [2009-05-31 13:42:38 | 00,062,040 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])DRV - [2009-05-31 13:43:04 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\DRIVERS\avipbb.sys -- (avipbb [system | Running])DRV - [1999-10-17 20:18:04 | 00,064,880 | ---- | M] (Intel Corporation.) -- C:\WINNT\System32\DRIVERS\dc21x4.sys -- (DC21x4 [On_Demand | Stopped])DRV - [2003-06-19 21:05:04 | 00,007,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\diskperf.sys -- (Diskperf [boot | Running])DRV - [2003-06-19 21:05:04 | 00,369,104 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmboot.sys -- (dmboot [Disabled | Stopped])DRV - [2003-06-19 21:05:04 | 00,137,936 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmio.sys -- (dmio [boot | Running])DRV - [2003-06-19 21:05:04 | 00,007,312 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmload.sys -- (dmload [boot | Running])DRV - [2003-06-19 21:05:04 | 00,027,440 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\efs.sys -- (EFS [Disabled | Running])DRV - [2003-06-19 21:05:04 | 00,009,808 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])DRV - [2000-03-08 23:07:30 | 00,027,408 | ---- | M] (Rodzajowe) -- C:\WINNT\System32\DRIVERS\genan5.sys -- (gena [On_Demand | Stopped])DRV - [2003-02-17 10:14:32 | 00,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])DRV - [1999-09-30 23:25:32 | 00,016,016 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\ne2000.sys -- (ne2000 [On_Demand | Stopped])DRV - [2000-03-21 00:00:00 | 00,009,680 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect [On_Demand | Stopped])DRV - [2003-06-19 21:05:04 | 00,060,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\parallel.sys -- (Parallel [On_Demand | Running])DRV - [2008-12-18 12:16:56 | 00,073,840 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent [Auto | Running])DRV - [2008-12-11 08:38:22 | 00,159,600 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\pctgntdi.sys -- (pctgntdi [system | Running])DRV - [2009-01-21 10:38:32 | 00,095,640 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\pctplfw.sys -- (pctplfw [On_Demand | Running])DRV - [2003-06-19 21:05:04 | 00,017,680 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINNT\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINNT\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2000-03-21 00:00:00 | 00,021,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\RCA.sys -- (RCA [On_Demand | Stopped])DRV - [2006-06-16 19:56:14 | 00,083,456 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINNT\System32\DRIVERS\Rtnic.sys -- (RTL8023 [On_Demand | Stopped])DRV - [1999-09-25 03:17:16 | 00,018,704 | ---- | M] (REALTEK Semiconductor Corp.) -- C:\WINNT\System32\DRIVERS\RTL8029.SYS -- (rtl8029 [On_Demand | Stopped])DRV - [2000-12-04 15:39:36 | 00,023,654 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINNT\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])DRV - [2000-11-13 17:43:26 | 00,194,784 | ---- | M] ( ) -- C:\WINNT\System32\drivers\SCNDRVP.SYS -- (SCNDRVP [Auto | Running])DRV - [2007-10-29 00:42:28 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) -- C:\WINNT\System32\drivers\SECDRV.SYS -- (SecDrv [Auto | Running])DRV - [2008-09-22 12:29:18 | 00,097,408 | ---- | M] (PC Tools) -- C:\WINNT\System32\DRIVERS\pctfw.sys -- (SFilter [On_Demand | Running])DRV - [2007-03-01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [system | Running])DRV - [2001-07-31 17:31:32 | 00,131,772 | R--- | M] (VIA Technologies, Inc.) -- C:\WINNT\System32\DRIVERS\trid3dm.sys -- (trid3d [On_Demand | Running])DRV - [2003-06-19 21:05:04 | 00,032,848 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\uhcd.sys -- (uhcd [On_Demand | Running])DRV - [2003-02-25 21:58:00 | 00,011,136 | R--- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\usb8023k.sys -- (USB_RNDIS [On_Demand | Running])DRV - [2001-08-31 02:10:00 | 00,037,248 | R--- | M] (VIA Technologies, Inc.) -- C:\WINNT\System32\drivers\viaudio.sys -- (VIAudio [On_Demand | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htmIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1IE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhomeIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\S-1-5-21-1757981266-436374069-1957994488-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Ask"FF - prefs.js..browser.search.order.1: "Ask"FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.1.1BFF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007-09-25 12:11:02 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007-09-25 12:11:02 | 00,000,000 | ---D | M][2008-06-22 17:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Extensions[2008-06-22 17:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2007-09-25 12:16:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions[2008-07-25 20:08:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}[2009-05-25 02:10:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions\amin.eft_Shutdown@gmail.com[2009-04-14 02:57:44 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Sławek\Dane aplikacji\Mozilla\FireFox\Profiles\8vhb7oj8.default\searchplugins\ask.xml[2007-09-25 12:11:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2007-09-25 12:11:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2007-10-11 22:00:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[2009-06-12 04:00:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-12 04:00:56 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-02-19 17:44:32 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll[2008-06-24 18:07:02 | 00,599,544 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPPOKER.dll[2008-06-24 18:06:28 | 00,550,392 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS70.dll[2009-06-12 04:00:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2007-09-27 12:11:34 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2007-09-27 12:11:42 | 00,144,720 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2008-06-24 18:07:26 | 00,873,976 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPCARDS.dll[2007-09-27 12:12:02 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll[2008-06-24 18:06:34 | 00,550,392 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS80.dll[2008-06-24 18:06:38 | 00,546,296 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS90.dll[2008-06-24 18:06:22 | 00,591,352 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPROULETTE.dll[2007-03-22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL[2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2009-02-05 11:37:16 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-02-05 11:37:16 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-02-05 11:37:16 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-02-05 11:37:16 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-02-05 11:37:18 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-02-05 11:37:18 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-02-05 11:37:18 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (734 bytes) - C:\WINNT\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)O3 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\..\Toolbar\WebBrowser: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No CLSID value found.O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)O4 - HKLM..\Run: [instantAccess] C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe ()O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)O4 - HKLM..\Run: [synchronization Manager] C:\WINNT\System32\mobsync.exe (Microsoft Corporation)O4 - HKU\.DEFAULT..\Run: [internat.exe] C:\WINNT\System32\internat.exe (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\Sławek\Menu Start\Programy\Autostart\danwe do burlit.txt ()O4 - Startup: C:\Documents and Settings\Sławek\Menu Start\Programy\Autostart\m ja.txt ()O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = avnotify.exeO7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\System32\rnr20.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx (Microsoft Corporation)O18 - Protocol\Filter: - Class Install Handler - No CLSID value foundO18 - Protocol\Filter: - deflate - No CLSID value foundO18 - Protocol\Filter: - gzip - No CLSID value foundO18 - Protocol\Filter: - lzdhtml - No CLSID value foundO18 - Protocol\Filter: - text/webviewhtml - No CLSID value foundO18 - Protocol\Filter: - text/xml - No CLSID value foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)O21 - SSODL: Network.ConnectionTray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\WINNT\System32\NETSHELL.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2007-09-25 03:36:20 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]O32 - AutoRun File - [2000-03-21 02:00:00 | 00,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]O34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[1 C:\*.tmp files][26 C:\Documents and Settings\Sławek\Pulpit\*.tmp files][2009-07-04 02:32:43 | 00,000,261 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\Skrót do Nowy folder (2).lnk[2009-07-04 02:32:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\otll[2009-07-04 02:30:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Nowy folder[2009-07-04 01:06:21 | 00,359,929 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\dds.pif[2009-07-03 22:42:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Zarżnięci żywcem The Cottage (2008)[2009-07-03 22:15:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Rezerwat (2007)[2009-07-03 19:34:40 | 10,043,1872 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\Skinhead.part1.rar[2009-07-03 19:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\skinhead[2009-07-03 19:28:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Opus Dei - Utajniona Krucjata[2009-07-03 16:31:04 | 00,000,000 | ---D | C] -- C:\FOUND.002[2009-07-03 05:11:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners[2009-07-03 05:07:02 | 00,098,326 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners.zip[2009-07-03 04:19:54 | 00,001,494 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\HijackThis.lnk[2009-07-03 04:16:04 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Sławek\Pulpit\HJTInstall.exe[2009-07-03 04:12:48 | 00,125,620 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\komp.htm[2009-07-03 04:09:36 | 00,070,810 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\viewtopic.php.htm[2009-07-03 04:08:00 | 03,045,641 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\ComboFix.exe[2009-07-03 04:02:20 | 00,077,270 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\do kompa.htm[2009-07-03 01:33:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\na d lub e wrzucic[2009-07-01 06:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\z dysku E[2009-07-01 05:59:48 | 00,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk[2009-07-01 05:59:44 | 00,000,000 | ---D | C] -- C:\Program Files\Damian Pasternak[2009-06-22 18:06:28 | 00,000,000 | -HSD | C] -- C:\Config.Msi[2009-04-07 21:20:01 | 00,000,058 | ---- | C] () -- C:\WINNT\wininit.ini[2009-02-16 16:57:15 | 00,000,037 | ---- | C] () -- C:\WINNT\Qtw.ini[2008-01-17 01:27:47 | 00,000,052 | ---- | C] () -- C:\WINNT\mafosav.INI[2007-12-18 18:04:48 | 00,000,018 | ---- | C] () -- C:\WINNT\gfact.ini[2007-12-04 20:57:58 | 00,010,752 | ---- | C] () -- C:\WINNT\System32\BASSMOD.dll[2007-11-22 15:15:24 | 00,000,805 | ---- | C] () -- C:\WINNT\cdplayer.ini[2007-10-21 23:45:20 | 01,122,304 | ---- | C] () -- C:\WINNT\System32\wmpui.dll[2007-10-20 14:25:43 | 00,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll[2007-10-13 19:23:06 | 00,021,840 | ---- | C] () -- C:\WINNT\System32\SIntfNT.dll[2007-10-13 19:23:06 | 00,017,212 | ---- | C] () -- C:\WINNT\System32\SIntf32.dll[2007-10-13 19:23:05 | 00,012,067 | ---- | C] () -- C:\WINNT\System32\SIntf16.dll[2007-10-03 20:35:22 | 00,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\vorbisenc.dll[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\vorbis.dll[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\OggDS.dll[2007-09-29 18:05:45 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\WMV9VCM.dll[2007-09-29 18:05:45 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\ogg.dll[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mplvpx.dll[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\i263_32.drv[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\cpuinf32.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\ts.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\DivX.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mp4.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkzlib.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkx.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkunicode.dll[2007-09-29 02:56:17 | 00,000,370 | ---- | C] () -- C:\WINNT\SCNDRVP.INI[2007-09-29 02:56:10 | 00,012,126 | ---- | C] () -- C:\WINNT\System32\PIXPCZ.DLL[2007-09-29 02:56:10 | 00,011,934 | ---- | C] () -- C:\WINNT\System32\PIXPNR.DLL[2007-09-29 02:56:09 | 00,046,512 | ---- | C] () -- C:\WINNT\System32\EPSN.DLL[2007-09-29 02:56:09 | 00,009,136 | ---- | C] () -- C:\WINNT\System32\INETWH16.DLL[2007-09-29 02:56:09 | 00,000,086 | ---- | C] () -- C:\WINNT\Tb98.ini[2007-09-29 02:55:34 | 00,063,488 | ---- | C] () -- C:\WINNT\System32\Ppiv30.dll[2007-09-29 02:55:32 | 01,513,984 | ---- | C] () -- C:\WINNT\System32\Mgxrdr80.dll[2007-09-29 02:55:30 | 00,118,784 | ---- | C] () -- C:\WINNT\System32\LFKODAK.DLL[2007-09-29 02:55:29 | 00,338,944 | ---- | C] () -- C:\WINNT\System32\LFFPX7.DLL[2007-09-29 02:54:43 | 00,194,784 | ---- | C] ( ) -- C:\WINNT\System32\drivers\SCNDRVP.SYS[2007-09-27 18:43:34 | 00,001,383 | ---- | C] () -- C:\WINNT\ODBC.INI[2007-09-25 15:19:19 | 00,000,025 | ---- | C] () -- C:\WINNT\mixerdef.ini[2007-09-25 15:11:06 | 00,000,026 | ---- | C] () -- C:\WINNT\CMCDPLAY.INI[2007-09-25 03:22:32 | 00,303,354 | ---- | C] () -- C:\WINNT\System32\PerfStringBackup_001.INI[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI[2003-02-04 17:43:52 | 00,006,144 | ---- | C] () -- C:\WINNT\System32\msvas.dll[2001-11-15 18:17:07 | 00,094,304 | ---- | C] () -- C:\WINNT\System32\hpz9xd04.drv[2000-03-21 00:00:00 | 00,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll[2000-03-21 00:00:00 | 00,034,064 | ---- | C] () -- C:\WINNT\System32\efsadu.dll[2000-03-21 00:00:00 | 00,013,419 | ---- | C] () -- C:\WINNT\System32\iasperf.ini[2000-03-21 00:00:00 | 00,003,182 | ---- | C] () -- C:\WINNT\System32\faxperf.ini[2000-03-21 00:00:00 | 00,000,596 | ---- | C] () -- C:\WINNT\win.ini[2000-03-21 00:00:00 | 00,000,227 | ---- | C] () -- C:\WINNT\system.ini[2000-03-21 00:00:00 | 00,000,023 | ---- | C] () -- C:\WINNT\welcome.ini[1999-09-25 18:36:24 | 00,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys[1999-09-25 18:36:22 | 00,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys[1999-01-22 19:46:58 | 00,065,536 | ---- | C] () -- C:\WINNT\System32\MSRTEDIT.DLL========== Files - Modified Within 30 Days ==========[1 C:\*.tmp files][26 C:\Documents and Settings\Sławek\Pulpit\*.tmp files][2009-07-04 02:32:44 | 00,000,261 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\Skrót do Nowy folder (2).lnk[2009-07-04 01:06:14 | 00,359,929 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\dds.pif[2009-07-03 21:08:46 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT[2009-07-03 21:06:16 | 01,198,022 | -H-- | M] () -- C:\WINNT\ShellIconCache[2009-07-03 20:23:56 | 10,043,1872 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\Skinhead.part1.rar[2009-07-03 05:06:56 | 00,098,326 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners.zip[2009-07-03 04:19:56 | 00,001,494 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\HijackThis.lnk[2009-07-03 04:16:04 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Sławek\Pulpit\HJTInstall.exe[2009-07-03 04:12:50 | 00,125,620 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\komp.htm[2009-07-03 04:09:38 | 00,070,810 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\viewtopic.php.htm[2009-07-03 04:08:30 | 03,045,641 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\ComboFix.exe[2009-07-03 04:02:26 | 00,077,270 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\do kompa.htm[2009-07-01 05:59:50 | 00,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk[2009-06-29 18:43:58 | 00,238,352 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT[2009-06-29 18:28:52 | 00,000,596 | ---- | M] () -- C:\WINNT\win.ini========== LOP Check ==========[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-04-21 01:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji[2008-02-08 16:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\ACD Systems[2007-10-05 13:23:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\cald2[2007-10-10 21:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\cepd17[2007-11-20 20:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\DeskSoft[2007-09-25 23:13:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\eSkiMoS R2[2007-10-20 14:07:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\FUJIFILM[2009-03-24 21:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\GanymedeNet[2008-12-02 18:42:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\gtk-2.0[2008-08-25 19:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\Mobipocket[2009-04-21 01:40:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\PCToolsFirewallPlus[2007-10-05 13:22:44 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\SecuROM[2007-11-04 16:18:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\Workrave[2007-09-28 15:32:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\XnView[2000-03-21 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINNT\Tasks\desktop.ini[2009-07-03 21:08:46 | 00,000,006 | -H-- | M] () -- C:\WINNT\Tasks\SA.DAT========== Purity Check ==========< End of report > RSIT (1 log, bo drugiego nie otrzymałem); btw. za pierwszym razem zaciął się lub bardzo długo pracował (z 30 min) - może dlatego, że był włączony OTL, a w procesach był tez DDS. Oby dwa wyłączyłem i log jest. Logfile of random's system information tool 1.06 (written by random/random)Run by Sławek at 2009-07-04 04:44:38Microsoft Windows 2000 Professional Service Pack 4System drive C: has 2 GB (13%) free of 14 GBTotal RAM: 248 MB (9% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 04:45:30, on 2009-07-04Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\WINNT\system32\bgsvcgen.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\PC Tools Firewall Plus\FWService.exeC:\WINNT\system32\MSTask.exeC:\WINNT\system32\stisvc.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\system32\mspmspsv.exeC:\WINNT\system32\svchost.exeC:\WINNT\Explorer.EXEC:\Program Files\PC Tools Firewall Plus\FirewallGUI.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\WINNT\system32\NOTEPAD.EXEC:\WINNT\system32\NOTEPAD.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Sławek\Pulpit\z dysku E\Gadu-Gadu\gg.exeC:\WINNT\System32\calc.exeC:\WINNT\System32\calc.exeC:\WINNT\System32\calc.exeC:\WINNT\System32\calc.exeC:\WINNT\System32\calc.exeC:\WINNT\System32\calc.exeC:\WINNT\system32\taskmgr.exeC:\Documents and Settings\Sławek\Pulpit\RSIT\RSIT.exeC:\Program Files\Trend Micro\HijackThis\Sławek.exeO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logonO4 - HKLM\..\Run: [instantAccess] C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe /hO4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUNO4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -sO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')O4 - Startup: danwe do burlit.txtO4 - Startup: m ja.txtO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exeO23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe--End of file - 3468 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"Synchronization Manager"=mobsync.exe /logon []"InstantAccess"=C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe [1998-07-08 37376]"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2009-02-23 2652056]"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartMicrosoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXEC:\Documents and Settings\Sławek\Menu Start\Programy\Autostartdanwe do burlit.txtm ja.txt[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=323"NoDriveAutoRun"=67108863"NoDrives"=0[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveAutoRun"="NoDriveTypeAutoRun"="NoDrives"=[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent""C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2""C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate""C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]======List of files/folders created in the last 1 months======2009-07-04 04:11:56 ----D---- C:\rsit2009-07-03 16:31:04 ----D---- C:\FOUND.0022009-07-01 05:59:44 ----D---- C:\Program Files\Damian Pasternak2009-06-22 18:06:28 ----SHD---- C:\Config.Msi======List of files/folders modified in the last 1 months======2009-07-03 21:06:54 ----A---- C:\WINNT\SchedLgU.Txt2009-06-29 18:28:52 ----A---- C:\WINNT\win.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []R1 avipbb;avipbb; C:\WINNT\system32\DRIVERS\avipbb.sys [2009-05-31 75096]R1 pctgntdi;pctgntdi; \??\C:\WINNT\system32\drivers\pctgntdi.sys []R1 ssmdrv;ssmdrv; C:\WINNT\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINNT\system32\drivers\PCTAppEvent.sys []R2 SCNDRVP;Plustek EPP Scanner; C:\WINNT\system32\drivers\SCNDRVP.sys [2000-11-13 194784]R2 SecDrv;SecDrv; \??\C:\WINNT\system32\drivers\SECDRV.SYS []R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []R3 pctplfw;pctplfw; \??\C:\WINNT\system32\drivers\pctplfw.sys []R3 SFilter;PCTools Driver; C:\WINNT\system32\DRIVERS\pctfw.sys [2008-09-22 97408]R3 trid3d;trid3d; C:\WINNT\System32\DRIVERS\trid3dm.sys [2001-07-31 131772]R3 uhcd;Sterownik uniwersalnego kontrolera hosta USB Microsoft; C:\WINNT\System32\DRIVERS\uhcd.sys [2003-06-19 32848]R3 USB_RNDIS;Arris Remote NDIS Network Device Driver; C:\WINNT\system32\DRIVERS\usb8023k.sys [2003-02-25 11136]R3 usbhub;Standardowy sterownik koncentratora USB Microsoft; C:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINNT\system32\drivers\viaudio.sys [2001-08-31 37248]S1 kbdhid;Sterownik klawiatury HID; C:\WINNT\system32\DRIVERS\kbdhid.sys [2000-03-08 13776]S2 HidUsb;Sterownik Microsoft klasy HID; C:\WINNT\system32\DRIVERS\hidusb.sys [1999-10-04 13904]S3 ADPTSF;Sterownik karty Adaptec DuraLAN PCI Ethernet/Fast Ethernet dla systemu Windows NT; C:\WINNT\system32\DRIVERS\adptsf50.sys [1999-09-25 36368]S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2003-02-17 16384]S3 gena;Karta PC Ethernet 10/100; C:\WINNT\system32\DRIVERS\genan5.sys [2000-03-08 27408]S3 mouhid;Sterownik myszy HID; C:\WINNT\system32\DRIVERS\mouhid.sys [2003-06-19 11696]S3 MPE;BDA MPE Filter; C:\WINNT\system32\DRIVERS\MPE.sys [2003-02-17 15104]S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2003-02-17 83968]S3 ne2000;Sterownik karty Novell/Eagle NE2000 Adapter; C:\WINNT\system32\DRIVERS\ne2000.sys [1999-09-30 16016]S3 RTL8023;Realtek 10/100/1000 PCI NIC Family NDIS NT Driver; C:\WINNT\system32\DRIVERS\Rtnic.sys [2006-06-16 83456]S3 rtl8029;Sterownik NT karty Realtek RTL8029(AS)-based PCI Ethernet; C:\WINNT\system32\DRIVERS\RTL8029.SYS [1999-09-25 18704]S3 rtl8139;Realtek RTL8139(A/B/C/8130) PCI Fast Ethernet NIC NT Driver; C:\WINNT\System32\DRIVERS\RTL8139.SYS [2000-12-04 23654]S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2003-02-17 10880]S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2003-02-17 14976]S3 usbscan;Sterownik skanera USB; C:\WINNT\System32\DRIVERS\usbscan.sys [2003-06-19 12592]S3 USBSTOR;Sterownik pamięci masowej USB; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2003-02-17 18688]S4 IntelIde;IntelIde; C:\WINNT\system32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINNT\system32\bgsvcgen.exe [2005-04-30 86016]R2 HidServ;HID Input Service; C:\WINNT\system32\hidserv.exe [2003-06-19 19728]R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2008-12-11 146800]R2 StiSvc;Still Image Service; C:\WINNT\system32\stisvc.exe [2003-06-19 62224]R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINNT\system32\mspmspsv.exe [2001-05-01 53248]S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]S3 WmdmPmSN;Usługa numeru seryjnego multimediów przenośnych; C:\WINNT\System32\svchost.exe [2000-03-21 7952]-----------------EOF----------------- Przeczyściłem komputer CCleaner i RegCleaner i sprawdziłem dysk w poszukiwaniu błędów, i problemy z włączaniem komputera jak i odłączaniem dysku w trakcie jego pracy póki co ustąpiły.
asmodeuszz komentarz 4 lipca 2009 komentarz 4 lipca 2009 Pokaż zakładkę Health dla każdego z fizycznych HDD z programu HDDTune
Gość komentarz 4 lipca 2009 komentarz 4 lipca 2009 Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt: :OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)O32 - AutoRun File - [2000-03-21 02:00:00 | 00,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]O18 - Protocol\Filter: - Class Install Handler - No CLSID value foundO18 - Protocol\Filter: - deflate - No CLSID value foundO18 - Protocol\Filter: - gzip - No CLSID value foundO18 - Protocol\Filter: - lzdhtml - No CLSID value foundO18 - Protocol\Filter: - text/webviewhtml - No CLSID value foundO18 - Protocol\Filter: - text/xml - No CLSID value foundO18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\msdaipp - No CLSID value foundO16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)O3 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\..\Toolbar\WebBrowser: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No CLSID value found:FilesC:\FOUND.002C:\Documents and Settings\Sławek\Pulpit\ComboFix.exe:Reg[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"SuperHidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"Hidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"ShowSuperHidden"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]"CheckedValue"=dword:00000001[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]@="":Commands[emptytemp][start explorer][Reboot] Kliknij w Run Fix. Zatwierdź restart komputera. Po restarcie pokazujesz log z czyszczenia. .
A.S.O.S. komentarz 5 lipca 2009 Autor komentarz 5 lipca 2009 Kliknij w Run Fix. Zatwierdź restart komputera.Po restarcie pokazujesz log z czyszczenia. smile.gif All processes killed========== OTL ==========Process explorer.exe killed successfully!File move failed. G:\AUTORUN.INF scheduled to be moved on reboot.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\l\Filter:\ not found.File Protocol\Filter: - Class Install Handler - No CLSID value found not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.File Protocol\Handler\ipp - No CLSID value found not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.File Protocol\Handler\msdaipp - No CLSID value found not found.File Animation Java Classes file://C:\WINNT\Java\classes\dajava.cab not found.Starting removal of ActiveX control DirectAnimation Java ClassesRegistry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.File oft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab not found.Starting removal of ActiveX control Microsoft XML Parser for JavaRegistry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.Registry value HKEY_USERS\S-1-5-21-1757981266-436374069-1957994488-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7}\ not found.========== FILES ==========C:\FOUND.002 moved successfully.C:\Documents and Settings\Sławek\Pulpit\ComboFix.exe moved successfully.========== REGISTRY ==========HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!========== COMMANDS ==========[EMPTYTEMP]User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 33170 bytesUser: All UsersUser: Sławek->Temp folder emptied: 16384 bytes->Temporary Internet Files folder emptied: 1403303 bytes->Java cache emptied: 167435 bytes->FireFox cache emptied: 60144638 bytesC:\~QTWTMP.TMP folder deleted successfully.%systemdrive% .tmp files removed: 14648 bytesC:\WINNT\msdownld.tmp folder deleted successfully.C:\WINNT\msiinst.tmp folder deleted successfully.%systemroot% .tmp files removed: 79024 bytes%systemroot%\System32 .tmp files removed: 2596 bytesWindows Temp folder emptied: 0 bytesRecycleBin emptied: 0 bytesTotal Files Cleaned = 59,00 mbOTL by OldTimer - Version 3.0.6.4 log created on 07042009_145529Files\Folders moved on Reboot...File move failed. G:\AUTORUN.INF scheduled to be moved on reboot.Registry entries deleted on Reboot... OTL logfile created on: 2009-07-05 11:20:12 - Run 2OTL by OldTimer - Version 3.0.6.4 Folder = C:\Documents and Settings\Sławek\Pulpit\otllWindows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstationInternet Explorer (Version = 6.0.2800.1106)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd247,53 Mb Total Physical Memory | 159,48 Mb Available Physical Memory | 64,43% Memory free597,71 Mb Paging File | 370,91 Mb Available in Paging File | 62,06% Paging File freePaging file location(s): C:\pagefile.sys 372 744 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program FilesDrive C: | 13,93 Gb Total Space | 0,71 Gb Free Space | 5,12% Space Free | Partition Type: FAT32D: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: S-FRQF563C9OOQHCurrent User Name: SławekLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2008-10-15 13:31:54 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exePRC - [2008-10-15 13:30:04 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exePRC - [2005-04-30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINNT\System32\bgsvcgen.exePRC - [2003-06-19 21:05:04 | 00,019,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\hidserv.exePRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEPRC - [2008-12-11 16:58:44 | 00,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exePRC - [2005-06-03 15:25:36 | 00,122,640 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\MSTask.exePRC - [2003-06-19 21:05:04 | 00,062,224 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\stisvc.exePRC - [2003-06-19 21:05:04 | 00,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\WBEM\WinMgmt.exePRC - [2001-05-01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\mspmspsv.exePRC - [2003-06-19 21:05:04 | 00,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Explorer.EXEPRC - [2009-02-23 10:49:16 | 02,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exePRC - [2008-06-12 13:28:46 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exePRC - [2003-06-19 21:05:04 | 00,089,872 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\taskmgr.exePRC - [2009-07-04 02:32:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sławek\Pulpit\otll\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2008-10-15 13:31:54 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])SRV - [2008-10-15 13:30:04 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])SRV - [2005-04-30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINNT\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,147,728 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\dmadmin.exe -- (dmadmin [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,095,504 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\faxsvc.exe -- (Fax [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,019,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\hidserv.exe -- (HidServ [Auto | Running])SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2008-12-11 16:58:44 | 00,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\regsvc.exe -- (RemoteRegistry [Auto | Stopped])SRV - [2005-06-03 15:25:36 | 00,122,640 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\MSTask.exe -- (Schedule [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,062,224 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\stisvc.exe -- (StiSvc [Auto | Running])SRV - [2003-06-19 21:05:04 | 00,022,800 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\UtilMan.exe -- (UtilMan [On_Demand | Stopped])SRV - [2003-06-19 21:05:04 | 00,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\WBEM\WinMgmt.exe -- (WinMgmt [Auto | Running])SRV - [2001-05-01 17:06:22 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\mspmspsv.exe -- (WMDM PMSP Service [Auto | Running])========== Driver Services (SafeList) ==========DRV - [1999-09-25 03:16:54 | 00,036,368 | ---- | M] (Adaptec, Inc ) -- C:\WINNT\System32\DRIVERS\adptsf50.sys -- (ADPTSF [On_Demand | Stopped])DRV - [2009-05-31 13:42:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [system | Running])DRV - [2009-05-31 13:42:38 | 00,062,040 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])DRV - [2009-05-31 13:43:04 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\DRIVERS\avipbb.sys -- (avipbb [system | Running])DRV - [1999-10-17 20:18:04 | 00,064,880 | ---- | M] (Intel Corporation.) -- C:\WINNT\System32\DRIVERS\dc21x4.sys -- (DC21x4 [On_Demand | Stopped])DRV - [2003-06-19 21:05:04 | 00,007,728 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\diskperf.sys -- (Diskperf [boot | Running])DRV - [2003-06-19 21:05:04 | 00,369,104 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmboot.sys -- (dmboot [Disabled | Stopped])DRV - [2003-06-19 21:05:04 | 00,137,936 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmio.sys -- (dmio [boot | Running])DRV - [2003-06-19 21:05:04 | 00,007,312 | ---- | M] (VERITAS Software Corp.) -- C:\WINNT\System32\drivers\dmload.sys -- (dmload [boot | Running])DRV - [2003-06-19 21:05:04 | 00,027,440 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\efs.sys -- (EFS [Disabled | Stopped])DRV - [2003-06-19 21:05:04 | 00,009,808 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])DRV - [2000-03-08 23:07:30 | 00,027,408 | ---- | M] (Rodzajowe) -- C:\WINNT\System32\DRIVERS\genan5.sys -- (gena [On_Demand | Stopped])DRV - [2003-02-17 10:14:32 | 00,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])DRV - [1999-09-30 23:25:32 | 00,016,016 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\ne2000.sys -- (ne2000 [On_Demand | Stopped])DRV - [2000-03-21 00:00:00 | 00,009,680 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect [On_Demand | Stopped])DRV - [2003-06-19 21:05:04 | 00,060,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\parallel.sys -- (Parallel [On_Demand | Running])DRV - [2008-12-18 12:16:56 | 00,073,840 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent [Auto | Running])DRV - [2008-12-11 08:38:22 | 00,159,600 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\pctgntdi.sys -- (pctgntdi [system | Running])DRV - [2009-01-21 10:38:32 | 00,095,640 | ---- | M] (PC Tools) -- C:\WINNT\System32\drivers\pctplfw.sys -- (pctplfw [On_Demand | Running])DRV - [2003-06-19 21:05:04 | 00,017,680 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINNT\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINNT\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2000-03-21 00:00:00 | 00,021,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\drivers\RCA.sys -- (RCA [On_Demand | Stopped])DRV - [2006-06-16 19:56:14 | 00,083,456 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINNT\System32\DRIVERS\Rtnic.sys -- (RTL8023 [On_Demand | Stopped])DRV - [1999-09-25 03:17:16 | 00,018,704 | ---- | M] (REALTEK Semiconductor Corp.) -- C:\WINNT\System32\DRIVERS\RTL8029.SYS -- (rtl8029 [On_Demand | Stopped])DRV - [2000-12-04 15:39:36 | 00,023,654 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINNT\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])DRV - [2000-11-13 17:43:26 | 00,194,784 | ---- | M] ( ) -- C:\WINNT\System32\drivers\SCNDRVP.SYS -- (SCNDRVP [Auto | Running])DRV - [2007-10-29 00:42:28 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) -- C:\WINNT\System32\drivers\SECDRV.SYS -- (SecDrv [Auto | Running])DRV - [2008-09-22 12:29:18 | 00,097,408 | ---- | M] (PC Tools) -- C:\WINNT\System32\DRIVERS\pctfw.sys -- (SFilter [On_Demand | Running])DRV - [2007-03-01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [system | Running])DRV - [2001-07-31 17:31:32 | 00,131,772 | R--- | M] (VIA Technologies, Inc.) -- C:\WINNT\System32\DRIVERS\trid3dm.sys -- (trid3d [On_Demand | Running])DRV - [2003-06-19 21:05:04 | 00,032,848 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\uhcd.sys -- (uhcd [On_Demand | Running])DRV - [2003-02-25 21:58:00 | 00,011,136 | R--- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\usb8023k.sys -- (USB_RNDIS [On_Demand | Running])DRV - [2001-08-31 02:10:00 | 00,037,248 | R--- | M] (VIA Technologies, Inc.) -- C:\WINNT\System32\drivers\viaudio.sys -- (VIAudio [On_Demand | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htmIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1IE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhomeIE - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\S-1-5-21-1757981266-436374069-1957994488-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Ask"FF - prefs.js..browser.search.order.1: "Ask"FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.1.1BFF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007-09-25 12:11:02 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007-09-25 12:11:02 | 00,000,000 | ---D | M][2008-06-22 17:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Extensions[2008-06-22 17:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2007-09-25 12:16:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions[2008-07-25 20:08:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}[2009-05-25 02:10:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\mozilla\Firefox\Profiles\8vhb7oj8.default\extensions\amin.eft_Shutdown@gmail.com[2009-04-14 02:57:44 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Sławek\Dane aplikacji\Mozilla\FireFox\Profiles\8vhb7oj8.default\searchplugins\ask.xml[2007-09-25 12:11:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2007-09-25 12:11:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2007-10-11 22:00:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[2009-06-12 04:00:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-12 04:00:56 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-02-19 17:44:32 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll[2008-06-24 18:07:02 | 00,599,544 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPPOKER.dll[2008-06-24 18:06:28 | 00,550,392 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS70.dll[2009-06-12 04:00:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2007-09-27 12:11:34 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2007-09-27 12:11:42 | 00,144,720 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2008-06-24 18:07:26 | 00,873,976 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPCARDS.dll[2007-09-27 12:12:02 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll[2008-06-24 18:06:34 | 00,550,392 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS80.dll[2008-06-24 18:06:38 | 00,546,296 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSLOTS90.dll[2008-06-24 18:06:22 | 00,591,352 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPROULETTE.dll[2007-03-22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL[2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2009-02-05 11:37:16 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-02-05 11:37:16 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-02-05 11:37:16 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-02-05 11:37:16 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-02-05 11:37:18 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-02-05 11:37:18 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-02-05 11:37:18 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (734 bytes) - C:\WINNT\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)O4 - HKLM..\Run: [instantAccess] C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe ()O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)O4 - HKLM..\Run: [synchronization Manager] C:\WINNT\System32\mobsync.exe (Microsoft Corporation)O4 - HKU\.DEFAULT..\Run: [internat.exe] C:\WINNT\System32\internat.exe (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\Sławek\Menu Start\Programy\Autostart\danwe do burlit.txt ()O4 - Startup: C:\Documents and Settings\Sławek\Menu Start\Programy\Autostart\m ja.txt ()O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0O7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = avnotify.exeO7 - HKU\S-1-5-21-1757981266-436374069-1957994488-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\System32\rnr20.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\System32\msafd.dll (Microsoft Corporation)O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)O21 - SSODL: Network.ConnectionTray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\WINNT\System32\NETSHELL.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2007-09-25 03:36:20 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]O34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[26 C:\Documents and Settings\Sławek\Pulpit\*.tmp files][2009-07-04 22:03:06 | 00,000,000 | ---D | C] -- C:\FOUND.002[2009-07-04 14:55:07 | 00,000,000 | ---D | C] -- C:\_OTL[2009-07-04 04:11:56 | 00,000,000 | ---D | C] -- C:\rsit[2009-07-04 04:10:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\RSIT[2009-07-04 02:32:43 | 00,000,261 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\Skrót do Nowy folder (2).lnk[2009-07-04 02:32:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\otll[2009-07-04 02:30:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\dds[2009-07-03 22:42:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Zarżnięci żywcem The Cottage (2008)[2009-07-03 22:15:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Rezerwat (2007)[2009-07-03 19:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\skinhead[2009-07-03 19:28:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Opus Dei - Utajniona Krucjata[2009-07-03 05:11:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners[2009-07-03 05:07:02 | 00,098,326 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners.zip[2009-07-03 04:19:54 | 00,001,494 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\HijackThis.lnk[2009-07-03 04:16:04 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Sławek\Pulpit\HJTInstall.exe[2009-07-03 04:12:48 | 00,125,620 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\komp.htm[2009-07-03 04:09:36 | 00,070,810 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\viewtopic.php.htm[2009-07-03 04:02:20 | 00,077,270 | ---- | C] () -- C:\Documents and Settings\Sławek\Pulpit\do kompa.htm[2009-07-03 01:33:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\na d lub e wrzucic[2009-07-01 06:43:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sławek\Pulpit\z dysku E[2009-07-01 05:59:48 | 00,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk[2009-07-01 05:59:44 | 00,000,000 | ---D | C] -- C:\Program Files\Damian Pasternak[2009-06-22 18:06:28 | 00,000,000 | -HSD | C] -- C:\Config.Msi[2009-04-07 21:20:01 | 00,000,058 | ---- | C] () -- C:\WINNT\wininit.ini[2009-02-16 16:57:15 | 00,000,037 | ---- | C] () -- C:\WINNT\Qtw.ini[2008-01-17 01:27:47 | 00,000,052 | ---- | C] () -- C:\WINNT\mafosav.INI[2007-12-18 18:04:48 | 00,000,018 | ---- | C] () -- C:\WINNT\gfact.ini[2007-12-04 20:57:58 | 00,010,752 | ---- | C] () -- C:\WINNT\System32\BASSMOD.dll[2007-11-22 15:15:24 | 00,000,805 | ---- | C] () -- C:\WINNT\cdplayer.ini[2007-10-21 23:45:20 | 01,122,304 | ---- | C] () -- C:\WINNT\System32\wmpui.dll[2007-10-20 14:25:43 | 00,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll[2007-10-13 19:23:06 | 00,021,840 | ---- | C] () -- C:\WINNT\System32\SIntfNT.dll[2007-10-13 19:23:06 | 00,017,212 | ---- | C] () -- C:\WINNT\System32\SIntf32.dll[2007-10-13 19:23:05 | 00,012,067 | ---- | C] () -- C:\WINNT\System32\SIntf16.dll[2007-10-03 20:35:22 | 00,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\vorbisenc.dll[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\vorbis.dll[2007-09-29 18:05:46 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\OggDS.dll[2007-09-29 18:05:45 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\WMV9VCM.dll[2007-09-29 18:05:45 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\ogg.dll[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mplvpx.dll[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\i263_32.drv[2007-09-29 18:05:43 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\cpuinf32.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\ts.dll[2007-09-29 18:05:42 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\DivX.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mp4.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkzlib.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkx.dll[2007-09-29 18:05:41 | 00,000,234 | ---- | C] () -- C:\WINNT\System32\mkunicode.dll[2007-09-29 02:56:17 | 00,000,370 | ---- | C] () -- C:\WINNT\SCNDRVP.INI[2007-09-29 02:56:10 | 00,012,126 | ---- | C] () -- C:\WINNT\System32\PIXPCZ.DLL[2007-09-29 02:56:10 | 00,011,934 | ---- | C] () -- C:\WINNT\System32\PIXPNR.DLL[2007-09-29 02:56:09 | 00,046,512 | ---- | C] () -- C:\WINNT\System32\EPSN.DLL[2007-09-29 02:56:09 | 00,009,136 | ---- | C] () -- C:\WINNT\System32\INETWH16.DLL[2007-09-29 02:56:09 | 00,000,086 | ---- | C] () -- C:\WINNT\Tb98.ini[2007-09-29 02:55:34 | 00,063,488 | ---- | C] () -- C:\WINNT\System32\Ppiv30.dll[2007-09-29 02:55:32 | 01,513,984 | ---- | C] () -- C:\WINNT\System32\Mgxrdr80.dll[2007-09-29 02:55:30 | 00,118,784 | ---- | C] () -- C:\WINNT\System32\LFKODAK.DLL[2007-09-29 02:55:29 | 00,338,944 | ---- | C] () -- C:\WINNT\System32\LFFPX7.DLL[2007-09-29 02:54:43 | 00,194,784 | ---- | C] ( ) -- C:\WINNT\System32\drivers\SCNDRVP.SYS[2007-09-27 18:43:34 | 00,001,383 | ---- | C] () -- C:\WINNT\ODBC.INI[2007-09-25 15:19:19 | 00,000,025 | ---- | C] () -- C:\WINNT\mixerdef.ini[2007-09-25 15:11:06 | 00,000,026 | ---- | C] () -- C:\WINNT\CMCDPLAY.INI[2007-09-25 03:22:32 | 00,303,354 | ---- | C] () -- C:\WINNT\System32\PerfStringBackup_001.INI[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI[2003-02-04 17:43:52 | 00,006,144 | ---- | C] () -- C:\WINNT\System32\msvas.dll[2001-11-15 18:17:07 | 00,094,304 | ---- | C] () -- C:\WINNT\System32\hpz9xd04.drv[2000-03-21 00:00:00 | 00,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll[2000-03-21 00:00:00 | 00,034,064 | ---- | C] () -- C:\WINNT\System32\efsadu.dll[2000-03-21 00:00:00 | 00,013,419 | ---- | C] () -- C:\WINNT\System32\iasperf.ini[2000-03-21 00:00:00 | 00,003,182 | ---- | C] () -- C:\WINNT\System32\faxperf.ini[2000-03-21 00:00:00 | 00,000,596 | ---- | C] () -- C:\WINNT\win.ini[2000-03-21 00:00:00 | 00,000,227 | ---- | C] () -- C:\WINNT\system.ini[2000-03-21 00:00:00 | 00,000,023 | ---- | C] () -- C:\WINNT\welcome.ini[1999-09-25 18:36:24 | 00,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys[1999-09-25 18:36:22 | 00,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys[1999-01-22 19:46:58 | 00,065,536 | ---- | C] () -- C:\WINNT\System32\MSRTEDIT.DLL========== Files - Modified Within 30 Days ==========[26 C:\Documents and Settings\Sławek\Pulpit\*.tmp files][2009-07-04 22:03:56 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT[2009-07-04 08:39:34 | 01,198,252 | -H-- | M] () -- C:\WINNT\ShellIconCache[2009-07-04 02:32:44 | 00,000,261 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\Skrót do Nowy folder (2).lnk[2009-07-03 05:06:56 | 00,098,326 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\Silent Runners.zip[2009-07-03 04:19:56 | 00,001,494 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\HijackThis.lnk[2009-07-03 04:16:04 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Sławek\Pulpit\HJTInstall.exe[2009-07-03 04:12:50 | 00,125,620 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\komp.htm[2009-07-03 04:09:38 | 00,070,810 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\viewtopic.php.htm[2009-07-03 04:02:26 | 00,077,270 | ---- | M] () -- C:\Documents and Settings\Sławek\Pulpit\do kompa.htm[2009-07-01 05:59:50 | 00,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CWK.lnk[2009-06-29 18:43:58 | 00,238,352 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT[2009-06-29 18:28:52 | 00,000,596 | ---- | M] () -- C:\WINNT\win.ini========== LOP Check ==========[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-04-21 01:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2007-09-25 03:22:08 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji[2008-02-08 16:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\ACD Systems[2007-10-05 13:23:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\cald2[2007-10-10 21:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\cepd17[2007-11-20 20:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\DeskSoft[2007-09-25 23:13:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\eSkiMoS R2[2007-10-20 14:07:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\FUJIFILM[2009-03-24 21:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\GanymedeNet[2008-12-02 18:42:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\gtk-2.0[2008-08-25 19:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\Mobipocket[2009-04-21 01:40:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\PCToolsFirewallPlus[2007-10-05 13:22:44 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\SecuROM[2007-11-04 16:18:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\Workrave[2007-09-28 15:32:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sławek\Dane aplikacji\XnView[2000-03-21 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINNT\Tasks\desktop.ini[2009-07-04 22:03:56 | 00,000,006 | -H-- | M] () -- C:\WINNT\Tasks\SA.DAT========== Purity Check ==========< End of report >
Gość komentarz 5 lipca 2009 komentarz 5 lipca 2009 Jest OK. [2009-07-04 22:03:06 | 00,000,000 | ---D | C] -- C:\FOUND.002 Ten Folder usuń ręcznie, jest ukryty, więc najpierw przywróć Atrybuty. ********************************************************************* 1. Odpal OTL i wywołaj go z opcji CleanUp, zgódź się na czyszczenie + restart komputera. 2. Użyj programu Malwarebytes. Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok. Wrzuć wygenerowany raport po usuwaniu MBAMem .
A.S.O.S. komentarz 5 lipca 2009 Autor komentarz 5 lipca 2009 Z kompem to teraz lipa na maksa. W czasie pracy odłączył się drugi dysk, czyli D i E. Po ponownym uruchomieniu już była kaszana i jest nadal. Komputer włącza się do momentu w którym na moment pojawia się pusty jeszcze pulpit, po czym uruchamianie komputera zaczyna się samoistnie od początku - i tak w kółko. Uruchamianie w trybie awaryjnym, awaryjnym z siecią, czy też przywracanie stanu w którym było ostatnio ok - postępuje do tego samego momentu jak uruchamianie w trybie normalnym. Nie wiem, czy w tym przypadku idzie zrobić format, a jeśli tak to jak?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.