x-kom hosting

Log z OTL

Suski1991
utworzono
utworzono

Nie moge otworzyc zadnej partycji... przeskanowalem komputer on-line i znalazlo mi konie trojanskie... Zalaczam logi z OTL czy mozecie mi jakos pomoc? Mam cos jeszcze zalaczyc?

OTL Extras logfile created on: 2009-07-19 23:36:49 - Run 1OTL by OldTimer - Version 3.0.9.2	 Folder = C:\Documents and Settings\XXX\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd1022,42 Mb Total Physical Memory | 244,13 Mb Available Physical Memory | 23,88% Memory free2,40 Gb Paging File | 1,68 Gb Available in Paging File | 69,84% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program FilesDrive C: | 19,53 Gb Total Space | 3,81 Gb Free Space | 19,52% Space Free | Partition Type: NTFSDrive D: | 48,83 Gb Total Space | 0,18 Gb Free Space | 0,38% Space Free | Partition Type: NTFSDrive E: | 48,83 Gb Total Space | 0,93 Gb Free Space | 1,91% Space Free | Partition Type: NTFSDrive F: | 48,83 Gb Total Space | 11,49 Gb Free Space | 23,53% Space Free | Partition Type: NTFSDrive G: | 66,86 Gb Total Space | 8,15 Gb Free Space | 12,18% Space Free | Partition Type: NTFSH: Drive not present or media not loadedI: Drive not present or media not loadedDrive P: | 465,65 Gb Total Space | 12,25 Gb Free Space | 2,63% Space Free | Partition Type: FAT32Computer Name: LUKICurrent User Name: XXXLogged in as Administrator.Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"F:\Steam2\SteamApps\suski1991\counter-strike\hl.exe" = F:\Steam2\SteamApps\suski1991\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)"F:\Steam2\Steam.exe" = F:\Steam2\Steam.exe:*:Enabled:Steam -- (Valve Corporation)"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)"C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:?Torrent -- (BitTorrent, Inc.)"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare -- (Free Peers, Inc.)"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)"F:\Electronic\BurnoutLauncher.exe" = F:\Electronic\BurnoutLauncher.exe:*:Enabled:Burnout Paradise The Ultimate Box -- (Electronic Arts)"F:\Electronic\BurnoutConfigTool.exe" = F:\Electronic\BurnoutConfigTool.exe:*:Enabled:Burnout Paradise The Ultimate Box -- (Electronic Arts)"F:\Electronic\BurnoutParadise.exe" = F:\Electronic\BurnoutParadise.exe:*:Enabled:Burnout Paradise The Ultimate Box -- (Electronic Arts)"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe" = C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers - Revenge of the Fallen -- (Activision Inc.)========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help"{08F173A8-AB81-4760-AEB0-CE91F3B05AEF}" = Activision®"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox tp"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision"{4cad619d-f246-485b-97d1-b1fc2e0f77dc}" = Nero 9 Trial"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall"{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}" = Sound Blaster X-Fi Xtreme Audio"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing"{5D309203-37B7-498A-B2CA-838E9FFD562B}" = Ventrilo Mix"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout Paradise The Ultimate Box"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"All ATI Software" = ATI - Software Uninstall Utility"Ask Toolbar_is1" = Ask Toolbar"ATI Display Driver" = ATI Display Driver"BearShare" = BearShare"BurnAware Free_is1" = BurnAware Free 2.3.7"Creative Software AutoUpdate" = Creative Software AutoUpdate"DAEMON Tools Toolbar" = DAEMON Tools Toolbar"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!"ENTERPRISE" = Microsoft Office Enterprise 2007"Faktura 2007_is1" = Faktura 2007"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.3"HEXelon MAX_is1" = HEXelon MAX 6.07"HijackThis" = HijackThis 2.0.2"HLSW_is1" = HLSW v1.3.1"InstallShield_{08F173A8-AB81-4760-AEB0-CE91F3B05AEF}" = Transformers - Revenge of the Fallen"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager"KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.0 (Full)"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0"mIRC" = mIRC"My Global Search Uninstall" = My Global Search Bar"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2"Nowe Gadu-Gadu" = Nowe Gadu-Gadu"Photo Resize Magic" = Photo Resize Magic 1.1"RealAlt_is1" = Real Alternative 1.9.0"Samsung ML-1640 Series" = Samsung ML-1640 Series"Shut Down-O-Matic" = Shut Down-O-Matic"SkanerOnline" = Skaner on-line mks_vir"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5"Winamp" = Winamp"Winamp Toolbar" = Winamp Toolbar"WinRAR archiver" = Archiwizator WinRAR========== HKEY_CURRENT_USER Uninstall List ==========[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"uTorrent" = ?Torrent========== Last 10 Event Log Errors ==========[ Application Events ]Error - 2009-07-05 14:59:45 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:02:14 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:03:26 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:05:00 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:06:22 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:06:40 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd transformers2.exe, wersja 1.0.0.0, moduł powodujący błąd transformers2.exe, wersja 1.0.0.0, adres błędu 0x00e4f480.Error - 2009-07-05 15:07:37 | Computer Name = LUKI | Source = MsiInstaller | ID = 1013Description = Product: Activision® -- This installation cannot be run by directly launching the MSI package. You must run setup.exe.Error - 2009-07-10 03:02:48 | Computer Name = LUKI | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca explorer.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.Error - 2009-07-10 03:02:49 | Computer Name = LUKI | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca explorer.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.Error - 2009-07-18 08:01:17 | Computer Name = LUKI | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd opera.exe, wersja 9.64.10487.0, moduł powodujący błąd opera.dll, wersja 9.64.10487.0, adres błędu 0x000f8308.[ System Events ]Error - 2009-07-12 11:13:36 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-12 22:29:27 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-13 01:22:14 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-14 01:19:24 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-15 00:22:54 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-15 10:45:35 | Computer Name = LUKI | Source = Print | ID = 19Description = Udostępnienie drukarki + 1722 nie powiodło się: drukarka Samsung ML-1640 Series z nazwą udziału Drukarka.Error - 2009-07-15 10:45:35 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-16 00:46:12 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-16 00:50:00 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2Error - 2009-07-17 03:03:19 | Computer Name = LUKI | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2< End of report >
OTL logfile created on: 2009-07-19 23:36:49 - Run 1OTL by OldTimer - Version 3.0.9.2	 Folder = C:\Documents and Settings\XXX\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd1022,42 Mb Total Physical Memory | 244,13 Mb Available Physical Memory | 23,88% Memory free2,40 Gb Paging File | 1,68 Gb Available in Paging File | 69,84% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program FilesDrive C: | 19,53 Gb Total Space | 3,81 Gb Free Space | 19,52% Space Free | Partition Type: NTFSDrive D: | 48,83 Gb Total Space | 0,18 Gb Free Space | 0,38% Space Free | Partition Type: NTFSDrive E: | 48,83 Gb Total Space | 0,93 Gb Free Space | 1,91% Space Free | Partition Type: NTFSDrive F: | 48,83 Gb Total Space | 11,49 Gb Free Space | 23,53% Space Free | Partition Type: NTFSDrive G: | 66,86 Gb Total Space | 8,15 Gb Free Space | 12,18% Space Free | Partition Type: NTFSH: Drive not present or media not loadedI: Drive not present or media not loadedDrive P: | 465,65 Gb Total Space | 12,25 Gb Free Space | 2,63% Space Free | Partition Type: FAT32Computer Name: LUKICurrent User Name: XXXLogged in as Administrator.Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2009-02-26 01:57:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exePRC - [2009-02-26 01:57:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exePRC - [2006-10-25 06:32:36 | 00,036,864 | RHS- | M] (Microsoft Corporation) -- C:\windows\System32\EXPLORER.EXEPRC - [2008-04-15 16:30:00 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXEPRC - [2009-05-28 13:53:12 | 10,486,376 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exePRC - [2009-04-23 18:21:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exePRC - [2009-05-28 13:03:44 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exePRC - [2009-02-19 00:33:08 | 00,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exePRC - [2009-02-19 00:28:52 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXEPRC - [1999-12-12 21:31:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\windows\System32\CTsvcCDA.exePRC - [2008-12-05 16:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exePRC - [2008-04-15 16:30:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wscntfy.exePRC - [2008-10-16 14:28:28 | 00,300,296 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\LU\LULnchr.exePRC - [2008-10-16 14:28:42 | 00,801,544 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exePRC - [2009-02-26 10:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exePRC - [2008-04-15 16:30:00 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXEPRC - [2008-04-15 16:30:00 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXEPRC - [2009-07-17 18:41:04 | 01,217,784 | ---- | M] (Valve Corporation) -- F:\Steam2\Steam.exePRC - [2008-03-21 10:41:46 | 02,109,952 | ---- | M] () -- C:\Program Files\NAPI-PROJEKT\napisy.exePRC - [2009-07-19 20:48:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XXX\Pulpit\OTL.exePRC - [2009-07-13 15:49:01 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe========== Win32 Services (SafeList) ==========SRV - [2009-04-02 12:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Stopped])SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2009-02-26 01:57:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])SRV - [2009-02-25 15:15:00 | 00,593,920 | ---- | M] () -- C:\windows\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [1999-12-12 21:31:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])SRV - [2008-04-15 16:30:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])SRV - [2009-02-19 00:30:20 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])SRV - [2008-10-25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])SRV - [2008-12-05 16:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2006-12-01 15:16:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2005-10-05 21:51:10 | 00,141,312 | R--- | M] (Analog Devices, Inc.) -- C:\windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])DRV - [2005-03-05 01:23:00 | 00,127,872 | R--- | M] (Andrea Electronics Corporation) -- C:\windows\System32\drivers\AEAudio.sys -- (AEAudioService [On_Demand | Running])DRV - [2009-02-26 03:28:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])DRV - [2005-12-08 08:24:44 | 00,142,336 | R--- | M] (Creative Technology Ltd) -- C:\windows\System32\DRIVERS\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])DRV - [2006-08-07 16:00:52 | 00,162,176 | R--- | M] (Creative Technology Ltd.) -- C:\windows\System32\drivers\ctusfsyn.sys -- (CTUSFSYN [On_Demand | Running])DRV - [2008-01-10 06:04:57 | 00,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\windows\System32\Drivers\DgiVecp.sys -- (DgiVecp [Auto | Running])DRV - [2006-05-15 10:48:00 | 00,012,416 | R--- | M] (ASUSTeK Computer Inc.) -- C:\windows\System32\drivers\EIO.sys -- (EIO [Auto | Running])DRV - [2001-08-17 22:43:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc.			  ) -- C:\windows\System32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Running])DRV - [2008-04-15 16:30:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])DRV - [2008-12-18 23:43:06 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])DRV - [2008-12-18 23:43:12 | 00,063,248 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\DRIVERS\L8042mou.Sys -- (L8042mou [On_Demand | Stopped])DRV - [2008-12-18 23:43:18 | 00,010,384 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\Drivers\LBeepKE.sys -- (LBeepKE [Auto | Running])DRV - [2008-12-18 23:43:40 | 00,035,472 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])DRV - [2008-12-18 23:43:48 | 00,037,392 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])DRV - [2008-12-18 23:43:54 | 00,079,248 | ---- | M] (Logitech, Inc.) -- C:\windows\System32\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Stopped])DRV - [2004-08-13 07:26:20 | 00,005,810 | R--- | M] () -- C:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])DRV - [2005-12-08 08:24:52 | 00,114,688 | R--- | M] (Creative Technology Ltd.) -- C:\windows\System32\DRIVERS\ctoss2k.sys -- (ossrv [On_Demand | Running])DRV - [2006-09-25 14:28:54 | 01,173,504 | R--- | M] (Creative Technology Ltd.) -- C:\windows\System32\drivers\P17xfi.sys -- (P17xfi [On_Demand | Running])DRV - [2007-03-22 21:05:40 | 01,659,008 | R--- | M] (Sensaura) -- C:\windows\System32\drivers\p17xfilt.sys -- (p17xfilt [On_Demand | Running])DRV - [2008-04-15 16:30:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2008-08-20 22:28:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2008-04-15 16:30:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2005-08-11 18:19:28 | 00,393,088 | R--- | M] (Sensaura) -- C:\windows\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running])DRV - [2009-07-05 22:24:08 | 00,721,904 | ---- | M] () -- C:\windows\System32\Drivers\sptd.sys -- (sptd [boot | Running])DRV - [2006-02-23 08:08:32 | 00,009,728 | R--- | M] (VIA Technologies, Inc.) -- C:\windows\system32\DRIVERS\videX32.sys -- (videX32 [boot | Running])DRV - [2006-02-23 08:09:06 | 00,011,264 | R--- | M] (VIA Technologies,Inc) -- C:\windows\system32\DRIVERS\xfilt.sys -- (xfilt [boot | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.bearshare.com/ [binary data]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpageIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pl.msn.com/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = plIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 1D CF 00 D2 EA C9 01  [binary data]IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0O1 HOSTS File: (742 bytes) - C:\windows\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1	   localhostO2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O3 - HKCU\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\XXX\Ustawienia lokalne\Temp\olhrwef.exe ()O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)O4 - HKCU..\Run: [EXPLORER.EXE] C:\windows\System32\EXPLORER.EXE (Microsoft Corporation)O4 - HKCU..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)O4 - HKCU..\Run: [wsctf.exe]  File not foundO4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not foundO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O13 - gopher Prefix: missingO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\System32\Explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\windows\System32\EXPLORER.EXE (Microsoft Corporation)O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\Ati2evxx.dll (ATI Technologies Inc.)O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - C:\windows\System32\e8main0.dll File not foundO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:48 | 00,000,057 | RHS- | M] () - P:\AutoRun.inf -- [ FAT32 ]O33 - MountPoints2\{fbf1c334-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = C:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c334-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = C:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c335-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = D:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c335-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = D:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c336-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = E:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c336-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = E:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c337-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = F:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c337-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = F:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c338-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = G:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c338-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = G:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O34 - HKLM BootExecute: (autocheck) -  File not foundO34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) -  File not found========== Files/Folders - Created Within 30 Days ==========[2009-07-19 21:51:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Pulpit\ESET 4.0.314 PL Business Editions[2009-07-19 21:26:07 | 00,011,265 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\ESET 4.0.314 PL Business Editions.torrent[2009-07-19 21:23:44 | 00,013,311 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Eset NOD32 AntiVirus.torrent[2009-07-19 21:03:25 | 00,107,689 | RHS- | C] () -- C:\w9hw8.exe[2009-07-19 20:55:06 | 00,000,057 | RHS- | C] () -- C:\autorun.inf[2009-07-19 20:49:12 | 00,000,000 | ---D | C] -- C:\_OTL[2009-07-19 20:48:05 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XXX\Pulpit\OTL.exe[2009-07-19 20:14:52 | 00,001,766 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\HijackThis.lnk[2009-07-19 20:14:52 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2009-07-19 20:14:45 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\XXX\Pulpit\HJTInstall.exe[2009-07-19 20:09:38 | 00,000,000 | ---D | C] -- C:\Program Files\SkanerOnline[2009-07-19 20:03:51 | 16,466,201 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Neo~ vs. Turkey de_dust2 - ESL ENC 2009.zip[2009-07-19 19:15:00 | 00,001,083 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Free YouTube to Mp3 Converter.lnk[2009-07-19 19:15:00 | 00,000,924 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Free Studio Manager.lnk[2009-07-19 19:14:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVIDEOSOFT[2009-07-19 19:14:58 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcr70.dll[2009-07-19 19:14:57 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVIDEOSOFT[2009-07-19 19:06:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Pulpit\MP3[2009-07-19 18:57:46 | 00,052,162 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\n!.jpeg[2009-07-19 18:48:00 | 00,015,726 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\VA - Eska Hity Na Czasie 2009.torrent[2009-07-19 18:47:56 | 00,018,353 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\VA - Bravo Hits Vol 66-2CD-2009-CSM.torrent[2009-07-18 10:38:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Pulpit\blanes[2009-07-18 10:14:10 | 18,323,2210 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\BLANES.rar[2009-07-16 14:37:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe[2009-07-14 16:34:22 | 00,000,085 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\wietrzne radio.m3u[2009-07-13 15:47:23 | 00,013,631 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\The.Day.After.Tomorrow.2004.PL.BRRip.XviD-BTGIGS.torrent[2009-07-13 12:43:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help[2009-07-12 20:15:14 | 00,108,998 | RHS- | C] () -- C:\f.bat[2009-07-12 00:53:07 | 00,000,147 | ---- | C] () -- C:\Documents and Settings\XXX\Dane aplikacji\burnaware.ini[2009-07-12 00:45:03 | 01,645,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gdiplus.dll[2009-07-12 00:45:01 | 00,000,000 | ---D | C] -- C:\Program Files\BurnAware Free[2009-07-11 20:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-07-11 12:22:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft[2009-07-11 12:22:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LogiShrd[2009-07-10 20:05:55 | 00,105,986 | RHS- | C] () -- C:\p.exe[2009-07-10 20:00:27 | 00,001,551 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Konfiguracja.lnk[2009-07-10 20:00:27 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM[2009-07-10 20:00:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\InstallShield[2009-07-10 19:19:35 | 00,000,428 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Rodzice.lnk[2009-07-10 19:19:35 | 00,000,417 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Kuba.lnk[2009-07-10 12:55:25 | 00,000,784 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Photo Resize Magic.lnk[2009-07-10 12:55:23 | 00,000,000 | ---D | C] -- C:\Program Files\Photo Resize Magic[2009-07-10 12:55:15 | 00,596,689 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\photorm.zip[2009-07-10 11:40:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Pulpit\C-klasa[2009-07-10 11:27:39 | 00,036,864 | RHS- | C] (Microsoft Corporation) -- C:\windows\System32\EXPLORER.EXE[2009-07-07 09:55:10 | 00,000,709 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Faktura 2007.lnk[2009-07-07 09:41:54 | 00,000,000 | ---D | C] -- C:\Program Files\Faktura 2007[2009-07-07 09:27:29 | 00,000,236 | ---- | C] () -- C:\windows\Fakturka.ini[2009-07-07 00:30:19 | 00,107,332 | RHS- | C] () -- C:\q1alx.exe[2009-07-05 23:28:33 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\SecuROM[2009-07-05 23:03:33 | 00,001,995 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Transformers - Revenge of the Fallen.lnk[2009-07-05 22:41:45 | 00,000,000 | ---D | C] -- C:\Program Files\Activision[2009-07-05 22:32:51 | 00,000,000 | -HSD | C] -- C:\windows\ftpcache[2009-07-05 22:32:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\DAEMON Tools Pro[2009-07-05 22:31:13 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar[2009-07-05 22:31:03 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite[2009-07-05 22:29:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero[2009-07-05 22:24:08 | 00,721,904 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys[2009-07-05 22:24:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\DAEMON Tools Lite[2009-06-29 18:34:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Apple Computer[2009-06-29 12:43:12 | 00,000,180 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Dysk.lnk[2009-06-28 16:24:07 | 00,002,046 | ---- | C] () -- C:\windows\bestplayer.ini[2009-06-28 16:24:07 | 00,001,188 | ---- | C] () -- C:\windows\bestplayer.bbt[2009-06-28 16:24:07 | 00,000,066 | ---- | C] () -- C:\windows\bestplayer.bpp[2009-06-28 14:18:44 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\Napi-projekt.lnk[2009-06-28 14:18:43 | 00,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT[2009-06-28 14:18:01 | 00,299,008 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\bestplayer1.0.exe[2009-06-27 16:11:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Pulpit\radia[2009-06-26 21:23:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Criterion Games[2009-06-26 21:07:10 | 00,001,196 | ---- | C] () -- C:\windows\System32\ealregsnapshot1.reg[2009-06-26 21:07:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Downloaded Installations[2009-06-26 21:06:42 | 00,001,428 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Burnout Paradise The Ultimate Box.lnk[2009-06-26 21:01:26 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_40.dll[2009-06-26 21:01:26 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_40.dll[2009-06-26 21:01:26 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_40.dll[2009-06-26 21:01:25 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_3.dll[2009-06-26 21:01:25 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_3.dll[2009-06-26 21:01:25 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_2.dll[2009-06-26 21:01:25 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_5.dll[2009-06-26 21:01:24 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_2.dll[2009-06-26 21:01:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_2.dll[2009-06-26 21:01:24 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_1.dll[2009-06-26 21:01:23 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_39.dll[2009-06-26 21:01:23 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_39.dll[2009-06-26 21:01:23 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_1.dll[2009-06-26 21:01:23 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_39.dll[2009-06-26 21:01:23 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_0.dll[2009-06-26 21:01:22 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_38.dll[2009-06-26 21:01:22 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_38.dll[2009-06-26 21:01:22 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_38.dll[2009-06-26 21:01:22 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_1.dll[2009-06-26 21:01:22 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_4.dll[2009-06-26 21:01:21 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_37.dll[2009-06-26 21:01:21 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_0.dll[2009-06-26 21:01:21 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_37.dll[2009-06-26 21:01:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_0.dll[2009-06-26 21:01:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_3.dll[2009-06-26 21:01:20 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_37.dll[2009-06-26 21:01:20 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_36.dll[2009-06-26 21:01:20 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_36.dll[2009-06-26 21:01:20 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_10.dll[2009-06-26 21:01:19 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_36.dll[2009-06-26 21:01:19 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_35.dll[2009-06-26 21:01:19 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_35.dll[2009-06-26 21:01:19 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_9.dll[2009-06-26 21:01:18 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_35.dll[2009-06-26 21:01:17 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_34.dll[2009-06-26 21:01:17 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_34.dll[2009-06-26 21:01:17 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_34.dll[2009-06-26 21:01:17 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_8.dll[2009-06-26 21:01:17 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_2.dll[2009-06-26 21:01:16 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_7.dll[2009-06-26 21:01:16 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_3.dll[2009-06-26 21:01:15 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_33.dll[2009-06-26 21:01:15 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_33.dll[2009-06-26 21:01:14 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_33.dll[2009-06-26 21:01:14 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_6.dll[2009-06-26 21:01:14 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_5.dll[2009-06-26 21:01:13 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_32.dll[2009-06-26 21:01:13 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll[2009-06-26 21:01:13 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_4.dll[2009-06-26 21:01:13 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_3.dll[2009-06-26 21:01:13 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_2.dll[2009-06-26 21:01:13 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_1.dll[2009-06-26 21:01:12 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_2.dll[2009-06-26 21:01:12 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_1.dll[2009-06-26 21:01:12 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_1.dll[2009-06-26 21:01:07 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_0.dll[2009-06-26 21:01:07 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_0.dll[2009-06-26 21:01:06 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_29.dll[2009-06-26 21:01:06 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_28.dll[2009-06-26 21:01:06 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput9_1_0.dll[2009-06-26 21:01:05 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_25.dll[2009-06-26 21:01:05 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_27.dll[2009-06-26 21:01:05 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_26.dll[2009-06-26 21:01:04 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_24.dll[2009-06-26 21:00:54 | 00,000,000 | ---D | C] -- C:\windows\Logs[2009-06-21 10:38:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\HEXelon[2009-06-21 10:37:59 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\XXX\Pulpit\HEXelon MAX 6.lnk[2009-06-21 10:37:58 | 00,000,000 | ---D | C] -- C:\Program Files\HEXelon MAX 6[2009-06-21 10:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar[2009-06-20 20:56:19 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk[2009-06-20 20:56:14 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar[2009-06-20 20:55:56 | 01,858,032 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxsfs.dll[2009-06-20 20:55:56 | 00,670,192 | ---- | C] (Sonic Solutions) -- C:\windows\System32\px.dll[2009-06-20 20:55:56 | 00,551,408 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxdrv.dll[2009-06-20 20:55:56 | 00,436,720 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxwave.dll[2009-06-20 20:55:56 | 00,219,632 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxmas.dll[2009-06-20 20:55:56 | 00,129,520 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxafs.dll[2009-06-20 20:55:56 | 00,096,752 | ---- | C] (Sonic Solutions) -- C:\windows\System32\vxblock.dll[2009-06-20 20:55:56 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxhpinst.exe[2009-06-20 20:55:56 | 00,066,544 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxcpya64.exe[2009-06-20 20:55:56 | 00,066,032 | ---- | C] (Sonic Solutions) -- C:\windows\System32\pxinsa64.exe[2009-06-20 20:55:56 | 00,044,944 | ---- | C] (Sonic Solutions) -- C:\windows\System32\drivers\PxHelp20.sys[2009-06-20 20:55:56 | 00,009,200 | ---- | C] (Sonic Solutions) -- C:\windows\System32\drivers\cdralw2k.sys[2009-06-20 20:55:56 | 00,009,072 | ---- | C] (Sonic Solutions) -- C:\windows\System32\drivers\cdr4_xp.sys[2009-06-20 20:55:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Winamp[2009-06-20 17:20:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Adobe[2009-06-20 17:19:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe[2009-06-20 17:19:50 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe[2009-06-17 20:42:48 | 00,004,767 | ---- | C] () -- C:\windows\Irremote.ini[2009-06-13 19:36:42 | 00,085,504 | RHS- | C] () -- C:\windows\System32\nmdfgds3.dll[2009-06-13 15:01:24 | 00,022,723 | ---- | C] () -- C:\windows\System32\ssp2ml3.dll[2009-06-12 16:48:22 | 00,021,782 | ---- | C] () -- C:\windows\Ascd_tmp.ini[2009-06-12 16:48:20 | 00,005,810 | R--- | C] () -- C:\windows\System32\drivers\ASACPI.sys[2009-06-12 16:48:17 | 00,005,824 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS[2009-06-12 00:59:10 | 00,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll[2009-06-12 00:59:08 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll[2009-06-12 00:59:08 | 00,795,648 | ---- | C] () -- C:\windows\System32\xvidcore.dll[2009-06-12 00:59:08 | 00,130,048 | ---- | C] () -- C:\windows\System32\xvidvfw.dll[2009-06-12 00:59:07 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest[2009-06-12 00:59:06 | 00,084,480 | ---- | C] () -- C:\windows\System32\ff_vfw.dll[2009-06-12 00:23:06 | 00,003,118 | ---- | C] () -- C:\windows\System32\AudioDrv.ini[2009-06-12 00:22:55 | 00,022,478 | R--- | C] () -- C:\windows\System32\Ludap17.ini[2009-06-12 00:22:55 | 00,000,054 | R--- | C] () -- C:\windows\System32\ctzapxx.ini[2009-06-12 00:22:18 | 00,008,251 | R--- | C] () -- C:\windows\sfsyn.ini[2009-06-12 00:22:17 | 00,053,248 | R--- | C] () -- C:\windows\System32\P17CPI.dll[2009-06-12 00:22:16 | 00,137,216 | R--- | C] () -- C:\windows\System32\OemSpi.dll[2008-04-15 16:30:00 | 00,078,848 | ---- | C] () -- C:\windows\System32\e8main1.dll[2008-04-15 16:30:00 | 00,000,582 | ---- | C] () -- C:\windows\win.ini[2008-04-15 16:30:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini========== Files - Modified Within 30 Days ==========[2009-07-19 23:37:11 | 00,000,057 | RHS- | M] () -- C:\autorun.inf[2009-07-19 23:35:57 | 00,002,046 | ---- | M] () -- C:\windows\bestplayer.ini[2009-07-19 23:35:57 | 00,001,188 | ---- | M] () -- C:\windows\bestplayer.bbt[2009-07-19 23:35:57 | 00,000,066 | ---- | M] () -- C:\windows\bestplayer.bpp[2009-07-19 21:47:28 | 00,081,920 | ---- | M] () -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-07-19 21:26:07 | 00,011,265 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\ESET 4.0.314 PL Business Editions.torrent[2009-07-19 21:23:44 | 00,013,311 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Eset NOD32 AntiVirus.torrent[2009-07-19 21:10:33 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT[2009-07-19 21:10:30 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat[2009-07-19 21:02:58 | 00,107,689 | RHS- | M] () -- C:\w9hw8.exe[2009-07-19 20:48:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XXX\Pulpit\OTL.exe[2009-07-19 20:14:52 | 00,001,766 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\HijackThis.lnk[2009-07-19 20:14:46 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\XXX\Pulpit\HJTInstall.exe[2009-07-19 20:05:18 | 16,466,201 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Neo~ vs. Turkey de_dust2 - ESL ENC 2009.zip[2009-07-19 19:15:00 | 00,001,083 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Free YouTube to Mp3 Converter.lnk[2009-07-19 19:15:00 | 00,000,924 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Free Studio Manager.lnk[2009-07-19 18:57:46 | 00,052,162 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\n!.jpeg[2009-07-19 18:48:00 | 00,015,726 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\VA - Eska Hity Na Czasie 2009.torrent[2009-07-19 18:47:56 | 00,018,353 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\VA - Bravo Hits Vol 66-2CD-2009-CSM.torrent[2009-07-19 13:04:31 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl[2009-07-18 10:38:04 | 18,323,2210 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\BLANES.rar[2009-07-14 16:34:22 | 00,000,085 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\wietrzne radio.m3u[2009-07-13 20:36:00 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job[2009-07-13 15:47:23 | 00,013,631 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\The.Day.After.Tomorrow.2004.PL.BRRip.XviD-BTGIGS.torrent[2009-07-12 20:14:47 | 00,108,998 | RHS- | M] () -- C:\f.bat[2009-07-12 00:57:26 | 00,000,147 | ---- | M] () -- C:\Documents and Settings\XXX\Dane aplikacji\burnaware.ini[2009-07-11 20:52:26 | 00,105,986 | RHS- | M] () -- C:\p.exe[2009-07-10 20:00:27 | 00,001,551 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Konfiguracja.lnk[2009-07-10 19:20:01 | 00,000,417 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Kuba.lnk[2009-07-10 19:19:45 | 00,000,428 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Rodzice.lnk[2009-07-10 12:55:25 | 00,000,784 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Photo Resize Magic.lnk[2009-07-10 12:55:18 | 00,596,689 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\photorm.zip[2009-07-07 17:49:29 | 00,107,332 | RHS- | M] () -- C:\q1alx.exe[2009-07-07 09:41:54 | 00,000,709 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Faktura 2007.lnk[2009-07-07 09:27:29 | 00,000,236 | ---- | M] () -- C:\windows\Fakturka.ini[2009-07-05 23:03:33 | 00,001,995 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Transformers - Revenge of the Fallen.lnk[2009-07-05 22:24:08 | 00,721,904 | ---- | M] () -- C:\windows\System32\drivers\sptd.sys[2009-06-29 12:43:29 | 00,000,180 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Dysk.lnk[2009-06-28 14:18:44 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\Napi-projekt.lnk[2009-06-26 21:07:10 | 00,001,196 | ---- | M] () -- C:\windows\System32\ealregsnapshot1.reg[2009-06-26 21:06:42 | 00,001,428 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Burnout Paradise The Ultimate Box.lnk[2009-06-21 10:37:59 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\XXX\Pulpit\HEXelon MAX 6.lnk[2009-06-20 20:56:19 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk< End of report >

Extrasss.Txt

OTLll.Txt

Extrasss.Txt

OTLll.Txt

Gość
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:46 | 00,000,057 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-07-19 23:36:48 | 00,000,057 | RHS- | M] () - P:\AutoRun.inf -- [ FAT32 ]O33 - MountPoints2\{fbf1c334-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = C:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c334-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = C:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c335-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = D:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c335-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = D:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c336-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = E:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c336-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = E:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c337-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = F:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c337-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = F:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c338-56cb-11de-a50d-806d6172696f}\Shell\AutoRun\command - "" = G:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O33 - MountPoints2\{fbf1c338-56cb-11de-a50d-806d6172696f}\Shell\open\Command - "" = G:\w9hw8.exe -- [2009-07-19 21:02:58 | 00,107,689 | RHS- | M] ()O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - C:\windows\System32\e8main0.dll File not foundO4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\XXX\Ustawienia lokalne\Temp\olhrwef.exe ()O4 - HKCU..\Run: [EXPLORER.EXE] C:\windows\System32\EXPLORER.EXE (Microsoft Corporation)O4 - HKCU..\Run: [wsctf.exe]  File not foundO2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)()O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)O3 - HKCU\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search):FilesC:\w9hw8.exeD:\w9hw8.exeE:\w9hw8.exeF:\w9hw8.exeG:\w9hw8.exeH:\w9hw8.exeP:\w9hw8.exeC:\autorun.infD:\autorun.infE:\autorun.infF:\autorun.infG:\autorun.infH:\autorun.infP:\autorun.infC:\f.batD:\f.batE:\f.batF:\f.batG:\f.batH:\f.batP:\f.batC:\p.exeD:\p.exeE:\p.exeF:\p.exeG:\p.exeH:\p.exeP:\p.exeC:\windows\System32\EXPLORER.EXEC:\q1alx.exeD:\q1alx.exeE:\q1alx.exeF:\q1alx.exeG:\q1alx.exeH:\q1alx.exeP:\q1alx.exeC:\windows\System32\nmdfgds0.dllC:\windows\System32\nmdfgds1.dllC:\windows\System32\nmdfgds2.dllC:\windows\System32\nmdfgds3.dllC:\windows\System32\nmdfgds4.dllC:\windows\System32\e8main0.dllC:\windows\System32\e8main1.dllC:\windows\System32\e8main2.dllC:\windows\System32\e8main3.dllC:\windows\System32\e8main4.dllC:\Documents and Settings\XXX\Ustawienia lokalne\Temp\olhrwef.exeC:\Program Files\MyGlobalSearchC:\Program Files\AskBarDis:Reg[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"SuperHidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"Hidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"ShowSuperHidden"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]"CheckedValue"=dword:00000001[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]@="":Commands[emptytemp][start explorer][Reboot]

Kliasz w Run Fix i zatwierdzasz restart komputera.

Po restarcie - pokazujesz nam log z czyszczenia.

.

Suski1991
komentarz
komentarz

Wyskoczyly mi bledy podczas naprawiania zalaczam plik ktory mi wyskoczyl po restarcie i nowy log

OTL1.Txt

07202009_094614.txt

OTL1.Txt

07202009_094614.txt

Gość
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)O4 - HKCU..\Run: [EXPLORER.EXE] C:\windows\System32\EXPLORER.EXE (Microsoft Corporation)O4 - HKCU..\Run: [wsctf.exe]  File not found:FilesC:\windows\System32\EXPLORER.EXE:Commands[start explorer][Reboot]

Klikasz w Run Fix i zatwierdzasz restart komputera.

Po restarcie - pokazujesz nam log z czyszczenia.

.

Suski1991
komentarz
komentarz

Sory nie bylo mnie przez dwa dni... moj nowy log jest taki

OTL22.Txt

OTL22.Txt

Gość
komentarz
komentarz

Te klucze wogóle nie chcą iść do usuwania.

Inaczej to zrobimy

Log jest ogólnie OK. ;)

************************************************************************************

1. Do Notatnika wklej:

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"wsctf.exe"=-"EXPLORER.EXE"=-[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

Z menu Notatnika >>> Plik >>> Zapisz jako >>> Ustaw rozszerzenie na: "Wszystkie pliki" >>> Zapisz jako FIX.REG>>>

plik uruchom (dwuklik i OK- zgódź się na dodanie do Rejestru).

Zrestartuj komputer.

2. Odpal OTL i wywołaj go z opcji CleanUp, zgódź się na czyszczenie + restart komputera.

3. Do poczytania i wykonania: Usuwanie infekcji z dysków przenośnych.

4. Użyj programu Malwarebytes.

Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok.

Wrzuć wygenerowany raport po usuwaniu MBAMem.

.

Gość
komentarz
komentarz

Widzę, że MBAM też poosuwał szczątki infekcji, tej którą miałeś.

Z folderu "System Volume Information" usuniesz kopie "wirusów" poprzez chwilowe wyłączenie "Przywracania Systemu":

>Panel Sterowania>System>Przywracanie Systemu>>zaznacz w okienku przy "Wyłącz przywracanie na wszystkich dyskach">Zastosuj>OK.

Potem możesz powrócić do poprzedniego ustawienia (czyli usunąć zaznaczenie z okienka).

I to na tyle.

.

Suski1991
komentarz
komentarz

wylaczylem przywracanie systemu... ale nie moge otworzyc tego folderu "odmowa dostepu" i tak na kazdej partycji :/

Gość
komentarz
komentarz

Przeczytaj dokładnie, nie otworzysz folderu "System Volume Information", jeżeli wyłączyłeś to dobrze, zostaw (po restarcie komputera możesz włączyć), i nic więcej. ;)

.

Suski1991
komentarz
komentarz

mysalem ze to nic nie da :) no dobra to wielkie dzieki :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.