dissemblance utworzono 15 sierpnia 2009 utworzono 15 sierpnia 2009 (edytowane) Na początku pragnę zaznaczyć, że mój Windows dąży do autodestrukcji wraz z komputerem, jestem bliska uśmiercenia Gatesa i moja cierpliwość została już nazbyt naruszona. Pragnę zaznaczyć również, że moje umiejętności posługiwania się tą złowieszczą machiną są poniżej zera, więc proszę pisać najprościej jak się da i nie pomijać możliwie oczywistych dla wielu rzeczy. Otóż po uruchomieniu komputera (2 dni temu) okazało się, że na pulpicie znajduje się jedynie mój komputer, kosz, skrót do gg, skrót do przeglądarki i drukarki. Było tam kilka folderów ze zdjęciami (70 % moich zdjęć, kilka na wystawę), oprócz nich kilka dokumentów Worda i może jakiś plik muzyczny. Jednakże najważniejsze są zdjęcia. Najbardziej przeraza mnie jednak fakt, iż po wejściu w mój komputer > dysk C >Documents and setings > użytkownik >pulpit w folderze pulpit nic nie ma, zaiste ciekawy to przypadek. Włączyłam pokazywanie ukrywanych ikon na pulpicie, resetowałam, przywracałam system, sprawdzałam, czy może wdarli się jacyś użytkownicy, zmieniałam ustawienia w panelu sterowania, ściągnęłam program 'PC Inspector File Recovery'-mimo iż nawet znalazł się tam jeden jedyny folder to po zapisaniu podgląd był niedostępny, więc to też nieudane rozwiązanie. Podobnież klasyczny przypadek to taki, że nie ma żadnych ikon i są kłopoty z paskiem z menu Start, u mnie to wygląda inaczej i groźniej, Windows w akcie nienawiści usunął prawie cały pulpit i się droczy ze mną od dwóch dni, ja jako bezradna istota zjawiam się więc u waszego progu licząc na pomoc, także proszę niezmiernie o odpowiedzi, pomysły, inwencję techniczną(nigdy więcej Windowsa. Z poważaniem, P.
Psycholandia komentarz 15 sierpnia 2009 komentarz 15 sierpnia 2009 Nic prócz wirusa nie przychodzi mi na myśl.. Daj logi z OTL: http://www.forumpc.pl/index.php?showtopic=104338 Sprawdzimy czy to jakiś szkodnik.
Vasir komentarz 15 sierpnia 2009 komentarz 15 sierpnia 2009 Mi jeszcze przyszło do głowy takie narzędzie które usuwa nieużywane rzeczy z pulpitu. Ale to raczej nie to, choć kto wie..
Psycholandia komentarz 15 sierpnia 2009 komentarz 15 sierpnia 2009 Wyłącz jeszcze kreator automatycznego oczyszczania pulpitu na wszelki wypadek: http://www.idg.pl/porada/111932/Wylacz.automatyczne.czyszczenie.pulpitu.Windows.html
dissemblance komentarz 15 sierpnia 2009 Autor komentarz 15 sierpnia 2009 (edytowane) Log do sprawdzenia OTL logfile created on: 2009-08-15 18:24:53 - Run 1OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\XXX\Moje dokumenty\DownloadsWindows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 7.0.5730.13)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd255,48 Mb Total Physical Memory | 91,36 Mb Available Physical Memory | 35,76% Memory free706,27 Mb Paging File | 157,80 Mb Available in Paging File | 22,34% Paging File freePaging file location(s): C:\pagefile.sys 384 768 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 24,42 Gb Total Space | 0,76 Gb Free Space | 3,13% Space Free | Partition Type: NTFSDrive D: | 12,83 Gb Total Space | 12,71 Gb Free Space | 99,00% Space Free | Partition Type: FAT32Drive E: | 144,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDFF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: XXX-3B3502B536CCurrent User Name: XXXLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exePRC - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exePRC - [2004-08-23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exePRC - [2009-06-27 01:23:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2007-10-09 12:10:21 | 00,150,024 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\FileMonSV.exePRC - [2008-09-06 00:30:06 | 00,952,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaTray.exePRC - [2007-06-13 15:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exePRC - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- C:\Program Files\ArcaBit\Common\TaskScheduler.exePRC - [2007-07-12 10:40:31 | 00,303,104 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ABregmon.exePRC - [2007-12-05 11:24:54 | 00,477,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\AVMenu.exePRC - [2009-06-27 01:23:39 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2006-02-19 03:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exePRC - [2009-04-26 17:12:05 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exePRC - [2004-04-13 06:07:08 | 00,151,552 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\System32\MSTMON_N.EXEPRC - [2004-10-05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\TaskBarIcon.exePRC - [2005-06-06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exePRC - [2008-08-19 09:47:38 | 01,795,656 | ---- | M] (FLASHGET) -- C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exePRC - [2008-03-04 03:06:00 | 01,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exePRC - [2008-04-09 16:34:59 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exePRC - [2008-02-22 16:14:00 | 00,287,040 | ---- | M] () -- C:\Program Files\DNA\btdna.exePRC - [2004-10-13 18:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exePRC - [2009-07-27 17:42:10 | 10,719,848 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exePRC - [2006-02-19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exePRC - [2009-07-27 16:39:44 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exePRC - [2006-02-19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exePRC - [2005-12-06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exePRC - [2005-11-22 12:54:18 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exePRC - [2004-11-02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exePRC - [2004-10-27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exePRC - [2004-10-27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exePRC - [2004-10-21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exePRC - [2004-08-23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exePRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exePRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exePRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exePRC - [2009-07-30 00:14:32 | 00,849,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exePRC - [2009-08-15 18:22:26 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XXX\Moje dokumenty\Downloads\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2007-10-09 12:10:21 | 00,150,024 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe -- (ABFileMon [Auto | Running])SRV - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe -- (ABNetMon [Auto | Running])SRV - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator [On_Demand | Running])SRV - [2007-01-11 16:03:58 | 00,237,568 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe -- (ArcaBit.Core.LoggingService [On_Demand | Stopped])SRV - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- C:\Program Files\ArcaBit\Common\TaskScheduler.exe -- (ArcaBit.TaskScheduler [Auto | Running])SRV - File not found -- -- (AresChatServer [On_Demand | Stopped])SRV - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate [Auto | Running])SRV - [2004-08-23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])SRV - [2009-05-01 21:12:35 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])SRV - [2009-06-27 01:23:38 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2006-03-03 22:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Stopped])========== Driver Services (SafeList) ==========DRV - [2007-09-12 14:37:47 | 00,030,208 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\abflt.sys -- (ABFLT [On_Demand | Running])DRV - [2007-05-08 14:45:01 | 00,044,032 | ---- | M] (ArcaBit) -- C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI [system | Running])DRV - [2004-08-04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])DRV - [2006-04-12 12:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])DRV - [2006-04-12 12:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])DRV - [2006-04-12 12:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])DRV - [2004-08-04 02:38:40 | 00,607,068 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Stopped])DRV - [2003-07-18 02:44:24 | 00,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\System32\MLPTDR_N.SYS -- (MLPTDR_N [Auto | Running])DRV - [2001-08-17 23:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])DRV - [2007-02-13 01:12:04 | 00,021,376 | ---- | M] (Motorola) -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem [On_Demand | Stopped])DRV - [2001-08-18 00:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])DRV - [2003-08-04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])DRV - [2007-10-18 16:27:17 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2006-05-15 15:35:36 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2004-11-03 14:14:26 | 00,267,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sis7012.sys -- (SiS7012 [On_Demand | Running])DRV - [2003-07-18 09:58:20 | 00,036,992 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp [boot | Running])DRV - [2004-08-04 00:31:36 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\DRIVERS\sisnic.sys -- (SISNIC [On_Demand | Running])DRV - [2003-08-12 16:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running])DRV - [2006-05-25 17:28:44 | 00,684,265 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Running])DRV - File not found -- Service key not found. -- (zsderhgfdqo [unknown | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comIE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.plIE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()IE - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\S-1-5-21-1078081533-1580818891-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Google"FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.9.6FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20090119WFF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-27 01:23:40 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-08-10 12:21:04 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-08-09 22:50:11 | 00,000,000 | ---D | M][2009-04-14 18:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Extensions[2009-04-14 18:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-08-10 12:11:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions[2009-07-05 22:48:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}[2009-04-15 19:00:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\vcg4yhpt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}[2009-08-10 12:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\mozilla\Firefox\Profiles\yphrldjj.PAT\extensions[2009-08-09 22:50:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-08-09 22:50:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-07-31 01:45:28 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-07-31 01:45:28 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-07-31 01:45:28 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2009-07-31 00:44:16 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-07-31 00:44:16 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-07-31 01:45:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-07-31 00:44:16 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-07-31 00:44:16 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-07-31 00:44:16 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-07-31 00:44:16 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)O4 - HKLM..\Run: [ABRegmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe (ArcaBit)O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.DLL (STMicroelectronics )O4 - HKLM..\Run: [ArcaCheck] C:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe (ArcaBit)O4 - HKLM..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit)O4 - HKLM..\Run: [bearShare] C:\Program Files\BearShare\BearShare.exe File not foundO4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)O4 - HKLM..\Run: [FlashGet] C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe (FLASHGET)O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\WINDOWS\System32\MSTMON_N.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not foundO4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [amva] C:\WINDOWS\System32\amvo.exe ()O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe File not foundO4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [bitTorrent DNA] C:\Program Files\DNA\btdna.exe ()O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [GoD] C:\Documents and Settings\XXX\Moje dokumenty\GoD\GoD.exe File not foundO4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)O16 - DPF: {33DFB28A-9792-4AFC-B594-D589365DF67D} http://www.bahu.com/BahuPhotoUploader.cab (Bahu Photo Uploader)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\TS_LogonListener: DllName - TS_LogonListener.dll - C:\WINDOWS\System32\TS_LogonListener.dll (ArcaBit sp. z o.o.)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2007-10-18 14:03:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2009-08-15 18:26:56 | 00,000,501 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]O32 - AutoRun File - [2009-08-15 18:26:58 | 00,000,501 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] ()O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not foundO33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not foundO34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-08-15 18:07:34 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\zić[2009-08-15 15:07:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood[2009-08-15 00:03:56 | 00,006,200 | ---- | C] () -- C:\WINDOWS\System32\INT13EXT.VXD[2009-08-15 00:03:49 | 00,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Inspector File Recovery.lnk[2009-08-14 23:47:51 | 00,081,060 | ---- | C] () -- C:\Documents and Settings\XXX\Moje dokumenty\index.htm[2009-08-14 18:41:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles[2009-08-14 18:05:35 | 00,071,680 | RHS- | C] () -- C:\WINDOWS\System32\amvo0.dll[2009-08-11 00:40:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM[2009-08-11 00:39:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\OpenFM[2009-08-10 23:05:27 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk[2009-08-10 23:05:27 | 00,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk[2009-08-10 23:03:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu[2009-08-10 23:02:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu[2009-08-09 22:50:53 | 00,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2009-08-09 22:49:34 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox[2009-08-09 21:11:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\AdobeAUM[2009-08-09 21:10:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\XXX\Moje dokumenty\Moja muzyka[2009-07-29 13:51:18 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\ica[2009-07-27 22:54:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\Canon Easy-PhotoPrint EX[2009-07-27 22:46:26 | 00,001,951 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iP1900 series Podręcznik ekranowy.lnk[2009-07-27 22:36:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ[2009-07-27 22:35:45 | 00,230,912 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9M.DLL[2009-07-27 22:35:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information[2009-07-27 22:34:09 | 00,000,000 | -H-D | C] -- C:\Program Files\CanonBJ[2009-07-26 21:31:27 | 00,109,413 | RHS- | C] () -- C:\oufddh.exe[2009-07-19 15:16:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XXX\Dane aplikacji\Ashampoo[2009-07-19 01:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo[2009-07-17 03:32:41 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat[2009-03-08 21:51:58 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll[2008-06-12 23:43:42 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI[2008-03-27 15:49:42 | 00,071,680 | RHS- | C] () -- C:\WINDOWS\System32\amvo1.dll[2007-11-27 22:12:44 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini[2007-11-27 22:12:41 | 00,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini[2007-11-27 22:12:29 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys[2007-10-26 22:26:43 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2007-10-23 19:15:58 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2007-10-18 20:38:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI[2007-10-18 20:24:45 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL[2007-10-18 18:46:10 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll[2007-10-18 16:01:58 | 00,002,176 | ---- | C] () -- C:\WINDOWS\wincmd.ini[2003-11-25 05:01:20 | 00,015,200 | ---- | C] () -- C:\WINDOWS\MSTMON_N.INI[2003-07-15 04:57:48 | 01,490,944 | ---- | C] () -- C:\WINDOWS\System32\MSTMON_N.DLL[2003-06-30 14:13:24 | 00,011,521 | ---- | C] () -- C:\WINDOWS\MSUMLT_N.INI[2002-03-21 15:39:02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL[2001-07-22 00:16:20 | 00,000,608 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-22 00:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini[2001-07-07 04:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-08-15 18:31:33 | 00,000,501 | RHS- | M] () -- C:\autorun.inf[2009-08-15 18:07:40 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\zić[2009-08-15 14:58:08 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-08-15 14:58:02 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job[2009-08-15 14:57:56 | 00,071,680 | RHS- | M] () -- C:\WINDOWS\System32\amvo0.dll[2009-08-15 14:56:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-08-15 14:56:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-08-15 00:03:49 | 00,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Inspector File Recovery.lnk[2009-08-14 23:47:52 | 00,081,060 | ---- | M] () -- C:\Documents and Settings\XXX\Moje dokumenty\index.htm[2009-08-14 18:52:28 | 02,658,914 | -H-- | M] () -- C:\Documents and Settings\XXX\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-08-12 18:00:01 | 00,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for XXX.job[2009-08-10 23:05:27 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk[2009-08-10 23:05:27 | 00,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk[2009-08-10 14:20:32 | 00,071,680 | RHS- | M] () -- C:\WINDOWS\System32\amvo1.dll[2009-08-09 22:50:53 | 00,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll[2009-07-29 13:51:22 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\ica[2009-07-29 00:30:53 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2009-07-28 00:43:24 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx[2009-07-27 22:46:26 | 00,001,951 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iP1900 series Podręcznik ekranowy.lnk[2009-07-22 09:20:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2009-07-19 15:31:12 | 03,597,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll[2009-07-19 15:31:12 | 03,597,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll[2009-07-19 15:31:10 | 06,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll[2009-07-19 15:31:10 | 06,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll[2009-07-18 03:38:16 | 00,048,184 | ---- | M] () -- C:\Documents and Settings\XXX\Dane aplikacji\GDIPFONTCACHEV1.DAT[2009-07-17 21:43:52 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-07-17 20:57:56 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll[2009-07-17 20:57:56 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atl.dll========== LOP Check ==========[2009-08-11 00:40:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2007-10-19 15:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit[2007-11-03 18:18:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software[2009-07-27 22:36:34 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ[2009-08-11 00:57:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM[2008-12-06 16:08:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems[2007-10-18 14:23:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2007-10-19 15:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2007-10-19 15:32:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\ArcaBit[2007-10-18 14:10:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2009-08-11 00:39:24 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\XXX\Dane aplikacji[2007-10-18 16:28:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\ACD Systems[2007-10-23 16:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\ArcaBit[2009-07-19 15:16:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Ashampoo[2009-08-15 18:32:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\BITS[2009-08-15 18:28:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\DNA[2007-10-19 20:25:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Gadu-Gadu[2009-07-15 15:48:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\gtk-2.0[2008-06-12 22:16:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Inkscape[2009-04-26 17:17:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Leadertech[2007-12-13 22:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\LimeWire[2009-08-10 23:12:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Nowe Gadu-Gadu[2009-08-11 00:39:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\OpenFM[2008-02-09 22:58:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Opera[2008-12-06 19:55:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Dane aplikacji\Ulead Systems[2009-07-22 09:20:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-08-12 18:00:01 | 00,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\Norton Security Scan for XXX.job[2009-08-15 14:56:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT[2009-08-15 14:58:02 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job========== Purity Check ==========< End of report > proszę czynić cuda!
Gość komentarz 16 sierpnia 2009 komentarz 16 sierpnia 2009 Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt: :OTL PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) O32 - AutoRun File - [2009-08-15 18:26:56 | 00,000,501 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-08-15 18:26:58 | 00,000,501 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{3dc031d0-6218-11dd-9560-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{610550f1-ed51-11dd-9723-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{72854105-6c53-11de-98d1-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{75b68490-3b10-11dd-94dd-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{8d7860e0-9451-11dc-92ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{c52ec7b3-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = C:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\AutoRun\command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\explore\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{c52ec7b4-7d73-11dc-b7dc-806d6172696f}\Shell\open\Command - "" = D:\oufddh.exe -- [2008-02-23 22:28:50 | 00,109,413 | RHS- | M] () O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{eb8fd340-32fa-11dd-94ca-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\AutoRun\command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\explore\Command - "" = G:\oufddh.exe -- File not found O33 - MountPoints2\{fe868f60-154a-11dd-946d-0007951b705a}\Shell\open\Command - "" = G:\oufddh.exe -- File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Reg Error: Key error.) O4 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003..\Run: [amva] C:\WINDOWS\System32\amvo.exe () O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKU\S-1-5-21-1078081533-1580818891-854245398-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) :Files C:\WINDOWS\System32\amvo0.dll C:\WINDOWS\System32\amvo1.dll C:\WINDOWS\System32\amvo2.dll C:\WINDOWS\System32\amvo3.dll C:\WINDOWS\System32\amvo4.dll C:\oufddh.exe D:\oufddh.exe E:\oufddh.exe C:\autorun.inf D:\autorun.inf E:\autorun.inf C:\Program Files\MyGlobalSearch :Reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "SuperHidden"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Hidden"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "ShowSuperHidden"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=dword:00000001 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] @="" :Commands [emptytemp] [start explorer] [Reboot] Kliknij w Run Fix. Zatwierdź restart komputera. Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję Run Scan. Pokazujesz nowy log OTL.txt (z czyszczenia + skan). .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.