x-kom hosting

Windows zjadł prawie wszystkie ikony na pulpicie, bardzo dziwny przypadek!

dissemblance
utworzono
utworzono (edytowane)

Na początku pragnę zaznaczyć, że mój Windows dąży do autodestrukcji wraz z komputerem, jestem bliska uśmiercenia Gatesa i moja cierpliwość została już nazbyt naruszona. Pragnę zaznaczyć również, że moje umiejętności posługiwania się tą złowieszczą machiną są poniżej zera, więc proszę pisać najprościej jak się da i nie pomijać możliwie oczywistych dla wielu rzeczy. Otóż po uruchomieniu komputera (2 dni temu) okazało się, że na pulpicie znajduje się jedynie mój komputer, kosz, skrót do gg, skrót do przeglądarki i drukarki. Było tam kilka folderów ze zdjęciami (70 % moich zdjęć, kilka na wystawę), oprócz nich kilka dokumentów Worda i może jakiś plik muzyczny. Jednakże najważniejsze są zdjęcia. Najbardziej przeraza mnie jednak fakt, iż po wejściu w mój komputer > dysk C >Documents and setings > użytkownik >pulpit w folderze pulpit nic nie ma, zaiste ciekawy to przypadek. Włączyłam pokazywanie ukrywanych ikon na pulpicie, resetowałam, przywracałam system, sprawdzałam, czy może wdarli się jacyś użytkownicy, zmieniałam ustawienia w panelu sterowania, ściągnęłam program 'PC Inspector File Recovery'-mimo iż nawet znalazł się tam jeden jedyny folder to po zapisaniu podgląd był niedostępny, więc to też nieudane rozwiązanie. Podobnież klasyczny przypadek to taki, że nie ma żadnych ikon i są kłopoty z paskiem z menu Start, u mnie to wygląda inaczej i groźniej, Windows w akcie nienawiści usunął prawie cały pulpit i się droczy ze mną od dwóch dni, ja jako bezradna istota zjawiam się więc u waszego progu licząc na pomoc, także proszę niezmiernie o odpowiedzi, pomysły, inwencję techniczną(nigdy więcej Windowsa.

Z poważaniem,

P.

Psycholandia
komentarz
komentarz

Nic prócz wirusa nie przychodzi mi na myśl..

Daj logi z OTL: http://www.forumpc.pl/index.php?showtopic=104338

Sprawdzimy czy to jakiś szkodnik. :)

Vasir
komentarz
komentarz

Mi jeszcze przyszło do głowy takie narzędzie które usuwa nieużywane rzeczy z pulpitu. Ale to raczej nie to, choć kto wie..

dissemblance
komentarz
komentarz (edytowane)
Log do sprawdzenia
OTL logfile created on: 2009-08-15 18:24:53 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\XXX\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

255,48 Mb Total Physical Memory | 91,36 Mb Available Physical Memory | 35,76% Memory free
706,27 Mb Paging File | 157,80 Mb Available in Paging File | 22,34% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,42 Gb Total Space | 0,76 Gb Free Space | 3,13% Space Free | Partition Type: NTFS
Drive D: | 12,83 Gb Total Space | 12,71 Gb Free Space | 99,00% Space Free | Partition Type: FAT32
Drive E: | 144,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XXX-3B3502B536C
Current User Name: XXX
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
PRC - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe
PRC - [2004-08-23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2009-06-27 01:23:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007-10-09 12:10:21 | 00,150,024 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe
PRC - [2008-09-06 00:30:06 | 00,952,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaTray.exe
PRC - [2007-06-13 15:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe
PRC - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- C:\Program Files\ArcaBit\Common\TaskScheduler.exe
PRC - [2007-07-12 10:40:31 | 00,303,104 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
PRC - [2007-12-05 11:24:54 | 00,477,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
PRC - [2009-06-27 01:23:39 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2006-02-19 03:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2009-04-26 17:12:05 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2004-04-13 06:07:08 | 00,151,552 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\System32\MSTMON_N.EXE
PRC - [2004-10-05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\TaskBarIcon.exe
PRC - [2005-06-06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2008-08-19 09:47:38 | 01,795,656 | ---- | M] (FLASHGET) -- C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe
PRC - [2008-03-04 03:06:00 | 01,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2008-04-09 16:34:59 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-02-22 16:14:00 | 00,287,040 | ---- | M] () -- C:\Program Files\DNA\btdna.exe
PRC - [2004-10-13 18:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009-07-27 17:42:10 | 10,719,848 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2006-02-19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-07-27 16:39:44 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2006-02-19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2005-12-06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exe
PRC - [2005-11-22 12:54:18 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exe
PRC - [2004-11-02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exe
PRC - [2004-10-27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe
PRC - [2004-10-27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe
PRC - [2004-10-21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2004-08-23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exe
PRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2009-08-15 18:22:26 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XXX\Moje dokumenty\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007-10-09 12:10:21 | 00,150,024 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe -- (ABFileMon [Auto | Running])
SRV - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe -- (ABNetMon [Auto | Running])
SRV - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator [On_Demand | Running])
SRV - [2007-01-11 16:03:58 | 00,237,568 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe -- (ArcaBit.Core.LoggingService [On_Demand | Stopped])
SRV - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- C:\Program Files\ArcaBit\Common\TaskScheduler.exe -- (ArcaBit.TaskScheduler [Auto | Running])
SRV - File not found -- -- (AresChatServer [On_Demand | Stopped])
SRV - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate [Auto | Running])
SRV - [2004-08-23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2009-05-01 21:12:35 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009-06-27 01:23:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006-03-03 22:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2007-09-12 14:37:47 | 00,030,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\abflt.sys -- (ABFLT [On_Demand | Running])
DRV - [2007-05-08 14:45:01 | 00,044,032 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI [system | Running])
DRV - [2004-08-04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2006-04-12 12:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2006-04-12 12:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2006-04-12 12:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2004-08-04 02:38:40 | 00,607,068 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Stopped])
DRV - [2003-07-18 02:44:24 | 00,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\System32\MLPTDR_N.SYS -- (MLPTDR_N [Auto | Running])
DRV - [2001-08-17 23:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
DRV - [2007-02-13 01:12:04 | 00,021,376 | ---- | M] (Motorola) -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem [On_Demand | Stopped])
DRV - [2001-08-18 00:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2003-08-04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2007-10-18 16:27:17 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006-05-15 15:35:36 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])
DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004-11-03 14:14:26 | 00,267,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sis7012.sys -- (SiS7012 [On_Demand | Running])
DRV - [2003-07-18 09:58:20 | 00,036,992 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp [boot | Running])
DRV - [2004-08-04 00:31:36 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\DRIVERS\sisnic.sys -- (SISNIC [On_Demand | Running])
DRV - [2003-08-12 16:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running])
DRV - [2006-05-25 17:28:44 | 00,684,265 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Running])
DRV - File not found -- Service key not found. -- (zsderhgfdqo [unknown | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\S-1-5-21-1078081533-1580818891-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.9.6
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20090119W
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-27 01:23:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-08-10 12:21:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-08-09 22:50:11 | 00,000,000 | ---D | M]

[2009-04-14 18:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Extensions
[2009-04-14 18:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-10 12:11:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions
[2009-07-05 22:48:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-04-15 19:00:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-08-10 12:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\yphrldjj.PAT\extensions
[2009-08-09 22:50:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-08-09 22:50:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-07-31 01:45:28 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-07-31 01:45:28 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-07-31 01:45:28 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-07-31 00:44:16 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-31 00:44:16 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-31 01:45:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-31 00:44:16 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-31 00:44:16 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-31 00:44:16 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-31 00:44:16 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O4 - HKLM..\Run: [ABRegmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe (ArcaBit)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.DLL (STMicroelectronics )
O4 - HKLM..\Run: [ArcaCheck] C:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe (ArcaBit)
O4 - HKLM..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit)
O4 - HKLM..\Run: [bearShare] C:\Program Files\BearShare\BearShare.exe File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [FlashGet] C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe (FLASHGET)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\WINDOWS\System32\MSTMON_N.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [amva] C:\WINDOWS\System32\amvo.exe ()
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [bitTorrent DNA] C:\Program Files\DNA\btdna.exe ()
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [GoD] C:\Documents and Settings\XXX\Moje dokumenty\GoD\GoD.exe File not found
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33DFB28A-9792-4AFC-B594-D589365DF67D} http://www.bahu.com/BahuPhotoUploader.cab (Bahu Photo Uploader)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TS_LogonListener: DllName - TS_LogonListener.dll - C:\WINDOWS\System32\TS_LogonListener.dll (ArcaBit sp. z o.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-18 14:03:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-08-15 18:26:56 | 00,000,501 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-15 18:26:58 | 00,000,501 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()
O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found
O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-08-15 18:07:34 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\zić
[2009-08-15 15:07:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009-08-15 00:03:56 | 00,006,200 | ---- | C] () -- C:\WINDOWS\System32\INT13EXT.VXD
[2009-08-15 00:03:49 | 00,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Inspector File Recovery.lnk
[2009-08-14 23:47:51 | 00,081,060 | ---- | C] () -- C:\Documents and Settings\XXX\Moje dokumenty\index.htm
[2009-08-14 18:41:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009-08-14 18:05:35 | 00,071,680 | RHS- | C] () -- C:\WINDOWS\System32\amvo0.dll
[2009-08-11 00:40:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-08-11 00:39:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\OpenFM
[2009-08-10 23:05:27 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-08-10 23:05:27 | 00,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-08-10 23:03:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-10 23:02:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu
[2009-08-09 22:50:53 | 00,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-08-09 22:49:34 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009-08-09 21:11:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\AdobeAUM
[2009-08-09 21:10:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\XXX\Moje dokumenty\Moja muzyka
[2009-07-29 13:51:18 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\ica
[2009-07-27 22:54:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Canon Easy-PhotoPrint EX
[2009-07-27 22:46:26 | 00,001,951 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iP1900 series Podręcznik ekranowy.lnk
[2009-07-27 22:36:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-07-27 22:35:45 | 00,230,912 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9M.DLL
[2009-07-27 22:35:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2009-07-27 22:34:09 | 00,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2009-07-26 21:31:27 | 00,109,413 | RHS- | C] () -- C:\oufddh.exe
[2009-07-19 15:16:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Ashampoo
[2009-07-19 01:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009-07-17 03:32:41 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-03-08 21:51:58 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008-06-12 23:43:42 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008-03-27 15:49:42 | 00,071,680 | RHS- | C] () -- C:\WINDOWS\System32\amvo1.dll
[2007-11-27 22:12:44 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2007-11-27 22:12:41 | 00,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2007-11-27 22:12:29 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2007-10-26 22:26:43 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-10-23 19:15:58 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007-10-18 20:38:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007-10-18 20:24:45 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2007-10-18 18:46:10 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2007-10-18 16:01:58 | 00,002,176 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2003-11-25 05:01:20 | 00,015,200 | ---- | C] () -- C:\WINDOWS\MSTMON_N.INI
[2003-07-15 04:57:48 | 01,490,944 | ---- | C] () -- C:\WINDOWS\System32\MSTMON_N.DLL
[2003-06-30 14:13:24 | 00,011,521 | ---- | C] () -- C:\WINDOWS\MSUMLT_N.INI
[2002-03-21 15:39:02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001-07-22 00:16:20 | 00,000,608 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-07 04:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-08-15 18:31:33 | 00,000,501 | RHS- | M] () -- C:\autorun.inf
[2009-08-15 18:07:40 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\zić
[2009-08-15 14:58:08 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-08-15 14:58:02 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009-08-15 14:57:56 | 00,071,680 | RHS- | M] () -- C:\WINDOWS\System32\amvo0.dll
[2009-08-15 14:56:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-08-15 14:56:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-08-15 00:03:49 | 00,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Inspector File Recovery.lnk
[2009-08-14 23:47:52 | 00,081,060 | ---- | M] () -- C:\Documents and Settings\XXX\Moje dokumenty\index.htm
[2009-08-14 18:52:28 | 02,658,914 | -H-- | M] () -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-12 18:00:01 | 00,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for XXX.job
[2009-08-10 23:05:27 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-08-10 23:05:27 | 00,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-08-10 14:20:32 | 00,071,680 | RHS- | M] () -- C:\WINDOWS\System32\amvo1.dll
[2009-08-09 22:50:53 | 00,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009-07-29 13:51:22 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\ica
[2009-07-29 00:30:53 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-07-28 00:43:24 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009-07-27 22:46:26 | 00,001,951 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iP1900 series Podręcznik ekranowy.lnk
[2009-07-22 09:20:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-07-19 15:31:12 | 03,597,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009-07-19 15:31:12 | 03,597,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009-07-19 15:31:10 | 06,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009-07-19 15:31:10 | 06,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-07-18 03:38:16 | 00,048,184 | ---- | M] () -- C:\Documents and Settings\XXX\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-07-17 21:43:52 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-07-17 20:57:56 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009-07-17 20:57:56 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atl.dll

========== LOP Check ==========

[2009-08-11 00:40:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2007-10-19 15:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2007-11-03 18:18:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2009-07-27 22:36:34 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-08-11 00:57:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2008-12-06 16:08:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2007-10-18 14:23:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2007-10-19 15:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2007-10-19 15:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\ArcaBit
[2007-10-18 14:10:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-08-11 00:39:24 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\XXX\Dane aplikacji
[2007-10-18 16:28:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\ACD Systems
[2007-10-23 16:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\ArcaBit
[2009-07-19 15:16:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Ashampoo
[2009-08-15 18:32:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\BITS
[2009-08-15 18:28:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\DNA
[2007-10-19 20:25:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Gadu-Gadu
[2009-07-15 15:48:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\gtk-2.0
[2008-06-12 22:16:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Inkscape
[2009-04-26 17:17:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Leadertech
[2007-12-13 22:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\LimeWire
[2009-08-10 23:12:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-11 00:39:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\OpenFM
[2008-02-09 22:58:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Opera
[2008-12-06 19:55:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Ulead Systems
[2009-07-22 09:20:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-08-12 18:00:01 | 00,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\Norton Security Scan for XXX.job
[2009-08-15 14:56:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009-08-15 14:58:02 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========


< End of report >


proszę czynić cuda!
Gość
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTL

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O32 - AutoRun File - [2009-08-15 18:26:56 | 00,000,501 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-08-15 18:26:58 | 00,000,501 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]

O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()

O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found

O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Reg Error: Key error.)

O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [amva] C:\WINDOWS\System32\amvo.exe ()

O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

:Files

C:\WINDOWS\System32\amvo0.dll

C:\WINDOWS\System32\amvo1.dll

C:\WINDOWS\System32\amvo2.dll

C:\WINDOWS\System32\amvo3.dll

C:\WINDOWS\System32\amvo4.dll

C:\oufddh.exe

D:\oufddh.exe

E:\oufddh.exe

C:\autorun.inf

D:\autorun.inf

E:\autorun.inf

C:\Program Files\MyGlobalSearch

:Reg

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"SuperHidden"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"Hidden"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"ShowSuperHidden"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]

"CheckedValue"=dword:00000001

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]

@=""

:Commands

[emptytemp]

[start explorer]

[Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję Run Scan. Pokazujesz nowy log OTL.txt (z czyszczenia + skan).

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.