x-kom hosting

System szwankuje - OTL

xanotol
utworzono
utworzono
Log do sprawdzenia
OTL logfile created on: 2009-08-24 08:39:39 - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = H:\Documents and Settings\pc\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 66,42% Memory free
3,35 Gb Paging File | 2,82 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): H:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 102,77 Gb Total Space | 67,00 Gb Free Space | 65,20% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 97,65 Gb Total Space | 91,75 Gb Free Space | 93,96% Space Free | Partition Type: NTFS
Drive K: | 97,66 Gb Total Space | 73,21 Gb Free Space | 74,96% Space Free | Partition Type: NTFS

Computer Name: GARY
Current User Name: pc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Explorer.EXE
PRC - [2007-07-05 10:08:46 | 16,380,416 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-14 21:04:59 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-10-25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-08-18 13:23:50 | 01,447,168 | ---- | M] (ESET) -- H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008-12-03 15:55:44 | 02,158,592 | ---- | M] () -- H:\Program Files\Vtune\TBPanel.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- H:\Program Files\Gadu-Gadu\gg.exe
PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- K:\Programy\DAEMON Tools Lite\daemon.exe
PRC - [2008-06-24 16:06:06 | 01,840,424 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- K:\xampp\apache\bin\apache.exe
PRC - [2006-02-28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-08-18 13:25:10 | 00,468,224 | ---- | M] (ESET) -- H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-02-14 21:04:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-03-16 13:29:28 | 06,562,432 | ---- | M] () -- K:\xampp\mysql\bin\mysqld.exe
PRC - [2008-06-08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2008-12-03 09:35:49 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\System32\nvsvc32.exe
PRC - [2006-12-19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- H:\WINDOWS\System32\IoctlSvc.exe
PRC - [2009-03-19 15:13:13 | 00,066,872 | ---- | M] () -- H:\WINDOWS\System32\PnkBstrA.exe
PRC - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\wdfmgr.exe
PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- K:\xampp\apache\bin\apache.exe
PRC - [2008-06-24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008-12-10 23:32:46 | 00,098,816 | ---- | M] (Opera Software) -- H:\Program Files\Opera\opera.exe
PRC - [2009-08-23 14:18:52 | 00,514,048 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\pc\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2001-10-26 19:30:00 | 00,003,584 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset [Auto | Stopped])
SRV - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- K:\xampp\apache\bin\apache.exe -- (apache2.2 [Auto | Running])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006-02-28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-08-18 13:30:58 | 00,019,200 | ---- | M] (ESET) -- H:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2008-08-18 13:25:10 | 00,468,224 | ---- | M] (ESET) -- H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2009-03-12 15:53:17 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008-08-01 00:16:28 | 00,136,120 | ---- | M] (Google) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])
SRV - [2009-02-14 21:04:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008-10-25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009-03-16 13:29:28 | 06,562,432 | ---- | M] () -- K:\xampp\mysql\bin\mysqld.exe -- (MySql [Auto | Running])
SRV - [2008-06-08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-06-24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2001-10-26 19:30:00 | 00,003,584 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])
SRV - [2008-12-03 09:35:49 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006-12-19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- H:\WINDOWS\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2009-03-19 15:13:13 | 00,066,872 | ---- | M] () -- H:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - File not found -- -- (StarWindServiceAE [Auto | Stopped])
SRV - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2007-12-21 04:01:02 | 00,060,928 | ---- | M] () -- K:\xampp\service.exe -- (XAMPP [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009-07-13 08:20:50 | 00,000,000 | ---- | M] () -- H:\WINDOWS\System32\drivers\8752aea7.sys -- (8752aea7 [system | Stopped])
DRV - [2009-01-19 20:31:56 | 00,277,544 | ---- | M] (Protect Software GmbH) -- H:\WINDOWS\System32\drivers\acedrv11.sys -- (acedrv11 [Auto | Running])
DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- H:\WINDOWS\System32\drivers\TBPANEL.SYS -- (Cardex [On_Demand | Stopped])
DRV - [2008-08-18 13:18:26 | 00,039,944 | ---- | M] (ESET) -- H:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2008-08-18 13:19:26 | 00,053,256 | ---- | M] (ESET) -- H:\WINDOWS\System32\DRIVERS\easdrv.sys -- (easdrv [system | Running])
DRV - [2008-09-17 14:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) -- H:\WINDOWS\System32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped])
DRV - [2008-08-18 13:27:42 | 00,034,312 | ---- | M] () -- H:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [system | Running])
DRV - [2006-11-24 15:47:50 | 00,040,136 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\Drivers\ET5Drv.sys -- (ET5Drv [On_Demand | Running])
DRV - [2009-02-14 20:37:38 | 00,015,600 | ---- | M] (Windows ® 2000 DDK provider) -- H:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2009-06-16 15:27:05 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- H:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV - [2005-01-07 18:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- H:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-07-18 13:26:04 | 04,547,584 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008-12-03 09:35:49 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006-10-18 17:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [boot | Running])
DRV - [2006-11-27 17:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006-11-27 17:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- H:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2009-03-08 12:38:02 | 00,047,360 | ---- | M] (VSO Software) -- H:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Stopped])
DRV - [2004-05-05 22:48:40 | 00,004,228 | ---- | M] (PowerQuest Corporation) -- H:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv [system | Running])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-11-20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- H:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])
DRV - [2001-08-17 23:57:36 | 00,005,888 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- H:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-05-23 09:01:38 | 00,721,904 | ---- | M] () -- H:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])
DRV - [2007-05-02 12:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- H:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])
DRV - [2007-05-02 12:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- H:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])
DRV - [2007-05-02 12:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- H:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])
DRV - [2009-03-08 14:26:33 | 00,005,632 | ---- | M] () -- H:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running])
DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- H:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101723&l=dis
IE - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\S-1-5-21-1708537768-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\S-1-5-21-1708537768-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/intl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-02-14 21:04:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: H:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-02-14 20:59:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\mozilla\Extensions
[2009-02-14 20:59:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-05-23 13:04:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\mozilla\Firefox\Profiles\qofdoltr.default\extensions
[2009-05-23 13:04:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\mozilla\Firefox\Profiles\qofdoltr.default\extensions\DTToolbar@toolbarnet.com

O1 HOSTS File: (742 bytes) - H:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - H:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - H:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - H:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Alcmtr] H:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EasyTuneV] H:\Program Files\Gigabyte\ET5\ETcall.exe ()
O4 - HKLM..\Run: [egui] H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] H:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] H:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [skyTel] H:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [sunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [DAEMON Tools Lite] K:\Programy\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [EA Core] H:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [Gadu-Gadu] H:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [Google Update] H:\Documents and Settings\pc\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe File not found
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [msnmsgr] H:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [Real Desktop] K:\Real Desktop\Real Desktop.exe File not found
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [spybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\Run: [TBPanel] H:\Program Files\Vtune\TBPanel.exe ()
O4 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003..\RunOnce: [shockwave Updater] H:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Opera\9.63 (Windows NT 5.1; U; pl) Presto\2.1.1 File not found
O4 - Startup: H:\Documents and Settings\pc\Menu Start\Programy\Autostart\WinMySQLadmin.lnk = K:\xampp\mysql\bin\winmysqladmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - H:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\crypt: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000-02-15 13:46:08 | 01,153,024 | ---- | M] () - J:\autorun.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - H:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009-08-24 07:33:22 | 00,000,000 | ---D | C] -- H:\_OTL
[2009-08-23 14:18:43 | 00,514,048 | ---- | C] (OldTimer Tools) -- H:\Documents and Settings\pc\Pulpit\OTL.exe
[2009-08-21 17:54:43 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Pulpit\zalew
[2009-08-20 09:01:39 | 00,000,000 | ---D | C] -- H:\Program Files\FlashFXP
[2009-08-20 09:01:38 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\FlashFXP
[2009-08-10 17:07:36 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Moje dokumenty\Nero
[2009-08-09 12:18:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Moje dokumenty\Downloads
[2009-08-09 12:14:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Ustawienia lokalne\Dane aplikacji\Temp
[2009-08-08 17:40:05 | 00,001,917 | ---- | C] () -- H:\WINDOWS\imsins.BAK
[2009-08-08 13:48:33 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Dane aplikacji\Divine
[2009-08-08 13:45:34 | 00,626,688 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\msvcr80.dll
[2009-08-08 13:45:34 | 00,548,864 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\msvcp80.dll
[2009-08-08 13:45:32 | 00,754,176 | ---- | C] (Terra Informatica Software, Inc., British Columbia, Canada.) -- H:\WINDOWS\htmlayout.dll
[2009-08-08 13:45:32 | 00,000,000 | ---D | C] -- H:\Program Files\Divine
[2009-08-03 17:00:53 | 00,413,696 | ---- | C] (Creative Labs) -- H:\WINDOWS\System32\wrap_oal.dll
[2009-08-03 17:00:53 | 00,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- H:\WINDOWS\System32\OpenAL32.dll
[2009-08-03 17:00:53 | 00,000,000 | ---D | C] -- H:\Program Files\OpenAL
[2009-08-03 17:00:34 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\Futuremark
[2009-08-03 17:00:34 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\Futuremark Shared
[2009-08-03 16:59:45 | 00,000,000 | ---D | C] -- H:\Program Files\Futuremark
[2009-07-30 14:36:12 | 00,000,000 | ---D | C] -- H:\Program Files\ProtectDisc Driver Installer
[2009-07-30 14:36:10 | 00,004,096 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\00001027.LCS
[2009-07-30 14:36:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\pc\Dane aplikacji\ProtectDisc
[2009-07-29 19:54:43 | 00,000,588 | ---- | C] () -- H:\Documents and Settings\pc\Menu Start\Programy\Autostart\WinMySQLadmin.lnk
[2009-07-27 19:11:31 | 00,000,933 | ---- | C] () -- H:\Documents and Settings\pc\Pulpit\Spybot - Search & Destroy.lnk
[2009-07-27 19:11:23 | 00,000,000 | ---D | C] -- H:\Program Files\Spybot - Search & Destroy
[2009-07-27 19:11:23 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
[2009-07-27 19:07:57 | 00,000,000 | ---D | C] -- H:\Program Files\CCleaner
[2009-07-26 21:21:59 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\eSellerate
[2009-07-22 09:42:49 | 00,000,069 | ---- | C] () -- H:\WINDOWS\NeroDigital.ini
[2009-07-20 16:53:13 | 00,160,768 | ---- | C] () -- H:\WINDOWS\System32\io.dll
[2009-07-13 09:03:33 | 00,129,024 | ---- | C] () -- H:\WINDOWS\inout1.dll
[2009-06-22 07:37:57 | 00,000,000 | ---- | C] () -- H:\WINDOWS\System32\drivers\8752aea7.sys
[2009-05-23 09:01:37 | 00,721,904 | ---- | C] () -- H:\WINDOWS\System32\drivers\sptd.sys
[2009-03-22 10:29:50 | 00,000,482 | ---- | C] () -- H:\WINDOWS\my.ini
[2009-03-19 15:13:42 | 00,138,184 | ---- | C] () -- H:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-03-08 13:35:10 | 00,005,632 | ---- | C] () -- H:\WINDOWS\System32\drivers\StarOpen.sys
[2009-02-14 21:16:52 | 00,000,038 | ---- | C] () -- H:\WINDOWS\avisplitter.ini
[2009-02-14 21:16:51 | 03,596,288 | ---- | C] () -- H:\WINDOWS\System32\qt-dx331.dll
[2009-02-14 21:16:50 | 00,007,680 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll
[2009-02-14 21:16:50 | 00,000,547 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-01-25 23:10:48 | 00,179,200 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2009-01-09 01:01:22 | 00,629,760 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2008-12-03 09:35:49 | 01,703,936 | ---- | C] () -- H:\WINDOWS\System32\nvwdmcpl.dll
[2008-12-03 09:35:49 | 01,486,848 | ---- | C] () -- H:\WINDOWS\System32\nview.dll
[2008-12-03 09:35:49 | 01,019,904 | ---- | C] () -- H:\WINDOWS\System32\nvwimg.dll
[2008-12-03 09:35:49 | 00,466,944 | ---- | C] () -- H:\WINDOWS\System32\nvshell.dll
[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelFrench.dll
[2008-08-18 13:27:42 | 00,034,312 | ---- | C] () -- H:\WINDOWS\System32\drivers\epfwtdir.sys
[2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- H:\WINDOWS\System32\drivers\secdrv.sys
[2001-07-22 00:16:20 | 00,000,573 | ---- | C] () -- H:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- H:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[4 H:\WINDOWS\*.tmp files]
[2009-08-24 08:38:03 | 00,203,520 | ---- | M] () -- H:\WINDOWS\System32\nvapps.xml
[2009-08-24 08:01:00 | 00,000,228 | ---- | M] () -- H:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2009-08-24 07:34:30 | 00,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2009-08-24 07:34:30 | 00,000,006 | -H-- | M] () -- H:\WINDOWS\tasks\SA.DAT
[2009-08-23 14:18:52 | 00,514,048 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\pc\Pulpit\OTL.exe
[2009-08-23 12:36:20 | 00,000,069 | ---- | M] () -- H:\WINDOWS\NeroDigital.ini
[2009-08-17 10:56:47 | 00,030,720 | ---- | M] () -- H:\Documents and Settings\pc\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-11 10:58:09 | 00,001,917 | ---- | M] () -- H:\WINDOWS\imsins.BAK
[2009-08-08 20:47:41 | 00,000,000 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2009-08-08 17:42:06 | 01,081,004 | ---- | M] () -- H:\WINDOWS\System32\PerfStringBackup.INI
[2009-08-08 17:42:06 | 00,487,982 | ---- | M] () -- H:\WINDOWS\System32\perfh015.dat
[2009-08-08 17:42:06 | 00,430,496 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2009-08-08 17:42:06 | 00,083,266 | ---- | M] () -- H:\WINDOWS\System32\perfc015.dat
[2009-08-08 17:42:06 | 00,067,220 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2009-08-06 10:31:01 | 00,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2009-08-03 17:00:53 | 00,413,696 | ---- | M] (Creative Labs) -- H:\WINDOWS\System32\wrap_oal.dll
[2009-08-03 17:00:53 | 00,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- H:\WINDOWS\System32\OpenAL32.dll
[2009-07-31 06:52:59 | 00,000,573 | ---- | M] () -- H:\WINDOWS\win.ini
[2009-07-31 06:52:59 | 00,000,227 | ---- | M] () -- H:\WINDOWS\system.ini
[2009-07-30 14:36:40 | 00,004,096 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\00001027.LCS
[2009-07-27 19:11:31 | 00,000,933 | ---- | M] () -- H:\Documents and Settings\pc\Pulpit\Spybot - Search & Destroy.lnk
[2009-07-26 22:11:15 | 00,000,156 | ---- | M] () -- H:\WINDOWS\Twunk001.MTX
[2009-07-26 22:11:15 | 00,000,003 | ---- | M] () -- H:\WINDOWS\Twain001.Mtx

========== LOP Check ==========

[2009-08-20 09:01:38 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji
[2009-07-21 14:59:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2009-04-26 09:35:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ALM
[2009-06-22 15:26:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\America's Army Deploy Client
[2009-02-22 15:07:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2009-05-23 13:05:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-13 13:54:27 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-02-20 20:03:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ESET
[2009-08-20 09:01:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FlashFXP
[2009-03-13 16:30:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2009-03-15 12:12:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Sony
[2009-08-16 09:34:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-03-08 15:41:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\vsosdk
[2009-02-15 01:52:06 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji
[2009-02-15 01:02:26 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji
[2009-02-15 01:02:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji
[2009-08-08 13:48:33 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\pc\Dane aplikacji
[2009-07-21 15:04:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Ahead
[2009-02-22 15:09:16 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Ashampoo
[2009-05-21 15:55:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Audacity
[2009-04-22 15:18:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Canneverbe_Limited
[2009-05-23 13:07:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\DAEMON Tools Lite
[2009-08-08 13:48:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Divine
[2009-08-13 13:07:45 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\FileZilla
[2009-08-22 19:06:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\foobar2000
[2009-02-14 21:26:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Gadu-Gadu
[2009-05-15 17:33:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\GanymedeNet
[2009-06-16 16:00:18 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Hamachi
[2009-03-21 21:04:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Nowe Gadu-Gadu
[2009-02-15 09:08:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Opera
[2009-07-30 14:36:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\ProtectDisc
[2009-03-15 12:55:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Publish Providers
[2009-06-22 17:49:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Remere's Map Editor
[2009-06-11 21:38:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Samsung
[2009-04-10 10:38:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\SmartFTP
[2009-03-15 12:55:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Sony
[2009-03-15 11:55:47 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Sony Setup
[2009-03-15 12:11:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\teamspeak2
[2009-08-13 13:40:57 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Tibia
[2009-03-15 12:06:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\pc\Dane aplikacji\Vso
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- H:\WINDOWS\Tasks\desktop.ini
[2009-08-24 07:34:30 | 00,000,006 | -H-- | M] () -- H:\WINDOWS\Tasks\SA.DAT
[2009-08-24 08:01:00 | 00,000,228 | ---- | M] () -- H:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD
@Alternate Data Stream - 300 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
@Alternate Data Stream - 110 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86
< End of report >

Gość
komentarz
komentarz

Jest OK.

Użyj programu Malwarebytes.

Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok.

Wrzuć wygenerowany raport po usuwaniu MBAMem.

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.