x-kom hosting

Problem z wirusem, dziwne zachowywanie się komputera

sseb
utworzono
utworzono

Witam, bardzpo prosze o sprawdzenie loga:

Log do sprawdzenia
OTL logfile created on: 2009-08-26 15:24:51 - Run 1

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Pan\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free

4,00 Gb Paging File | 3,92 Gb Available in Paging File | 97,97% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 48,83 Gb Total Space | 2,23 Gb Free Space | 4,57% Space Free | Partition Type: NTFS

Drive D: | 249,25 Gb Total Space | 151,98 Gb Free Space | 60,97% Space Free | Partition Type: NTFS

Drive E: | 6,27 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SE-3127EB83B72D

Current User Name: Pan

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-22 22:54:40 | 00,536,576 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe

PRC - [2008-04-14 15:03:54 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

PRC - [2009-05-21 13:23:04 | 00,909,312 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

PRC - [2008-03-31 03:55:48 | 00,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2007-08-08 01:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe

PRC - [2009-07-03 16:49:06 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2008-04-22 22:54:40 | 00,536,576 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe

PRC - [2009-08-16 09:24:57 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe

PRC - [2009-05-21 14:28:38 | 00,874,768 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe

PRC - [2009-03-21 20:15:58 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2009-08-16 09:25:05 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe

PRC - [2009-08-16 09:25:02 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe

PRC - [2009-05-21 13:04:14 | 00,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

PRC - [2009-01-07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe

PRC - [2009-01-21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe

PRC - [2008-04-15 14:00:00 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2009-08-16 09:24:59 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe

PRC - [2008-08-18 11:27:32 | 00,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

PRC - [2008-08-18 10:56:22 | 00,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

PRC - [2008-10-20 18:08:30 | 00,166,456 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe

PRC - [2008-12-08 14:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe

PRC - [2009-05-21 13:49:36 | 01,372,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe

PRC - [2009-05-21 13:06:22 | 01,202,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe

PRC - [2008-07-02 16:16:58 | 00,393,216 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

PRC - [2008-04-14 15:03:54 | 00,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

PRC - [2008-09-30 17:48:18 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe

PRC - [2008-08-13 16:21:56 | 02,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe

PRC - [2009-08-16 09:25:00 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe

PRC - [2008-04-14 15:03:54 | 01,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

PRC - [2008-09-30 17:50:52 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin

PRC - [2008-08-13 21:00:16 | 00,158,264 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe

PRC - [2009-08-16 09:25:04 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe

PRC - [2008-04-15 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe

PRC - [2008-04-15 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe

PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe

PRC - [2009-07-03 16:49:06 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2008-12-10 23:32:46 | 00,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2009-08-26 15:22:14 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pan\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009-02-27 00:35:01 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])

SRV - [2008-03-31 03:55:48 | 00,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService [Auto | Running])

SRV - [2008-07-25 12:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2008-04-22 22:54:40 | 00,536,576 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

SRV - [2007-08-08 01:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Auto | Running])

SRV - [2009-08-16 09:25:00 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])

SRV - [2009-08-16 09:24:57 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])

SRV - [2008-04-14 15:03:54 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])

SRV - [2008-07-25 12:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2009-05-21 14:28:38 | 00,874,768 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng [Auto | Running])

SRV - [2008-07-29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2008-04-15 14:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2008-07-29 20:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-03-21 20:15:58 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2009-07-03 16:49:06 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])

SRV - [2008-07-29 20:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2009-05-21 13:04:14 | 00,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc [Auto | Running])

SRV - [2009-05-21 13:23:04 | 00,909,312 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])

SRV - [2009-01-07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])

SRV - [2009-01-21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2007-08-10 21:19:26 | 00,029,752 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\AsDsm.sys -- (AsDsm [boot | Running])

DRV - [2007-07-24 12:09:04 | 00,013,880 | ---- | M] () -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP [Auto | Running])

DRV - [2008-04-23 01:34:52 | 02,880,000 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

DRV - [2009-08-16 09:25:05 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

DRV - [2009-08-16 09:25:04 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

DRV - [2009-05-08 10:39:06 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [system | Running])

DRV - [2008-04-15 12:13:00 | 00,534,440 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])

DRV - [2008-02-04 18:57:00 | 00,037,160 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Running])

DRV - [2008-04-15 12:14:00 | 00,990,632 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])

DRV - [2007-09-20 12:59:00 | 00,156,392 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Running])

DRV - [2008-03-10 19:18:00 | 00,057,384 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btwhid.sys -- (btwhid [On_Demand | Running])

DRV - [2008-02-04 18:57:00 | 00,037,032 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btwmodem.sys -- (btwmodem [On_Demand | Running])

DRV - [2008-03-27 18:18:00 | 00,047,272 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Running])

DRV - [2001-08-17 23:46:40 | 00,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\enum1394.sys -- (ENUM1394 [On_Demand | Stopped])

DRV - [2008-04-15 14:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2008-10-02 20:01:46 | 04,878,336 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2007-08-01 15:51:42 | 00,041,656 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\DRIVERS\ipswuio.sys -- (ipswuio [On_Demand | Stopped])

DRV - [2009-07-03 16:49:08 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [boot | Running])

DRV - [2009-08-03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Stopped])

DRV - [2001-08-17 22:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])

DRV - [2007-08-24 12:46:48 | 00,005,760 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ATKACPI.sys -- (MTsensor [On_Demand | Running])

DRV - [2009-05-29 07:23:22 | 04,203,392 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\NETw5x32.sys -- (NETw5x32 [On_Demand | Running])

DRV - [2009-05-18 13:35:04 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore [boot | Running])

DRV - [2008-04-15 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2008-06-24 16:55:12 | 00,047,104 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])

DRV - [2007-07-30 11:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])

DRV - [2007-07-30 12:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])

DRV - [2008-04-15 14:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])

DRV - [2008-08-26 12:28:10 | 03,684,352 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtHDMI.sys -- (RTHDMIAzAudService [On_Demand | Running])

DRV - [2008-08-07 20:14:56 | 00,111,360 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])

DRV - [2008-08-13 17:23:56 | 00,011,904 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])

DRV - [2008-04-15 14:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2008-01-24 17:39:24 | 01,090,304 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])

DRV - [2009-06-23 16:34:30 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found

IE - URLSearchHook: *{ecdee021-0d17-467f-a1ff-c7a115230949} - Reg Error: Key error. File not found

IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-07-15 00:24:38 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2009-08-25 17:30:20 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: d:\Program Files\Mozilla Thunderbird\plugins

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)

O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS)

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)

O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKCU..\Run: [sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O4 - Startup: C:\Documents and Settings\Pan\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\Pan\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE File not found

O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1237659401281&h=7715ee922a605cc83bafc7fdeee74ad0/&filename=jinstall-6u12-windows-i586-jc.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\Aspwdflt: DllName - C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll - C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll (ASUSTek Computer Inc.)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-02-23 23:59:05 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-02-19 06:37:19 | 00,000,000 | R--D | M] - E:\AutoRunData -- [ CDFS ]

O32 - AutoRun File - [2009-02-17 23:00:54 | 00,571,200 | R--- | M] (Midway Home Entertainment Inc) - E:\Autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2008-12-01 23:21:21 | 00,000,058 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{62d127c9-083e-11de-b692-002243a0cf10}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\amp32.exe -- File not found

O33 - MountPoints2\{62d127c9-083e-11de-b692-002243a0cf10}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\amp32.exe -- File not found

O33 - MountPoints2\{a4247cc1-01fa-11de-babf-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{a4247cc1-01fa-11de-babf-806d6172696f}\Shell\AutoRun\command - "" = E:\AUTORUN.exe -- [2009-02-17 23:00:54 | 00,571,200 | R--- | M] (Midway Home Entertainment Inc)

O33 - MountPoints2\{e97217c7-50e4-11de-b713-002354573560}\Shell - "" = Autorun

O33 - MountPoints2\{e97217c7-50e4-11de-b713-002354573560}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009-08-26 15:22:13 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pan\Pulpit\OTL.exe

[2009-08-26 14:38:39 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys

[2009-08-26 14:35:48 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{EF63305C-BAD7-4144-9208-D65528260864}

[2009-08-26 14:35:47 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk

[2009-08-25 20:07:06 | 00,032,147 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\stara baba.jpg

[2009-08-25 19:51:48 | 00,020,202 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\pedały.jpg

[2009-08-25 19:45:34 | 00,033,324 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\grzes2.jpg

[2009-08-25 19:44:05 | 00,029,756 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\grzes.jpg

[2009-08-25 17:30:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Dane aplikacji\Thunderbird

[2009-08-25 14:40:36 | 07,501,704 | ---- | C] (Mozilla) -- C:\Documents and Settings\Pan\Pulpit\Thunderbird Setup 2.0.0.23.exe

[2009-08-25 13:51:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Dane aplikacji\Talkback

[2009-08-25 13:37:30 | 00,032,294 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\gallery-77322026-500x500.jpg

[2009-08-25 13:37:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Pulpit\Gites Foty

[2009-08-25 13:28:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009-08-25 13:28:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Ustawienia lokalne\Dane aplikacji\Thunderbird

[2009-08-25 13:28:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Dane aplikacji\Mozilla

[2009-08-25 13:02:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Pulpit\konta

[2009-08-25 11:38:23 | 00,042,704 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\assistance_zestawienie_nowe.pdf

[2009-08-24 01:07:49 | 00,065,749 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\billabongspod s.pdf

[2009-08-23 23:24:04 | 00,065,056 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\etui.pdf

[2009-08-23 23:17:38 | 00,065,907 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\quick bluza.pdf

[2009-08-23 23:14:59 | 00,065,426 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\para.pdf

[2009-08-22 22:13:48 | 15,907,681 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\MOV00201.MP4

[2009-08-22 22:13:48 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Pan\Pulpit\MOV00201.MP4.sha

[2009-08-22 09:22:31 | 00,065,092 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\rezerwacja.29.08

[2009-08-22 09:19:51 | 00,063,147 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\payment_details_090822_091940.pdf

[2009-08-21 16:39:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Ustawienia lokalne\Dane aplikacji\Wheelman

[2009-08-21 16:39:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Ustawienia lokalne\Dane aplikacji\PC

[2009-08-21 16:37:44 | 00,000,958 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Wheelman.lnk

[2009-08-21 16:21:58 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll

[2009-08-21 16:21:58 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll

[2009-08-21 16:21:57 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2009-08-21 16:21:56 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2009-08-21 16:21:56 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2009-08-21 16:21:56 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2009-08-21 16:21:56 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2009-08-21 16:21:55 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll

[2009-08-21 16:21:55 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll

[2009-08-21 16:21:54 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll

[2009-08-21 16:21:53 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll

[2009-08-21 16:21:53 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll

[2009-08-21 16:21:52 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll

[2009-08-18 05:09:08 | 00,007,738 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\OCR00003.doc

[2009-08-18 05:07:10 | 00,016,128 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\OCR00002.doc

[2009-08-18 05:05:05 | 00,013,661 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\OCR00001.doc

[2009-08-18 05:02:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Ustawienia lokalne\Dane aplikacji\ABBYY

[2009-08-17 19:10:43 | 00,010,522 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\OCR.doc

[2009-08-17 19:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint

[2009-08-17 18:22:59 | 00,046,080 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\wzor_zamowienia.doc

[2009-08-14 17:34:41 | 00,023,073 | ---- | C] () -- D:\DOKUMENTY\Dekalog.pdf

[2009-08-14 12:58:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel

[2009-08-14 11:36:19 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn

[2009-08-14 11:36:19 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for

[2009-08-14 00:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Pulpit\Pazera_Free_MOV_to_AVI_Converter

[2009-08-13 19:24:51 | 27,275,889 | ---- | C] () -- C:\Documents and Settings\Pan\Pulpit\hr7745_55_dfu_pol.pdf

[2009-08-13 03:01:53 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll

[2009-06-30 19:24:42 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2009-06-23 16:34:30 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-06-23 16:32:13 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll

[2009-04-16 03:13:57 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2009-03-23 16:13:29 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-03-21 01:43:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI

[2009-03-21 00:39:26 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll

[2009-03-21 00:39:26 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll

[2009-03-21 00:36:54 | 00,303,186 | R--- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll

[2009-03-12 23:10:44 | 00,000,024 | ---- | C] () -- C:\WINDOWS\ATKPF.ini

[2009-02-27 00:37:01 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009-02-26 10:58:52 | 00,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll

[2009-02-24 11:24:09 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009-02-24 11:24:09 | 00,585,728 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-02-24 11:24:09 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-02-24 11:24:08 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-02-24 11:24:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009-02-24 02:02:34 | 00,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys

[2009-02-24 02:02:27 | 00,886,192 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dll

[2009-02-24 02:02:27 | 00,067,965 | ---- | C] () -- C:\WINDOWS\System32\Oemdspif.dll

[2008-10-28 18:40:48 | 00,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2008-04-15 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini

[2008-04-15 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[2008-04-14 14:58:40 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2005-06-11 12:47:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll

[2005-02-17 13:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005-02-17 13:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2001-11-14 14:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[2009-08-26 15:22:14 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pan\Pulpit\OTL.exe

[2009-08-26 14:46:24 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2009-08-26 14:45:53 | 00,065,024 | ---- | M] () -- C:\Documents and Settings\Pan\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-08-26 14:41:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-08-26 14:41:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-08-26 14:41:19 | 32,202,95680 | -HS- | M] () -- C:\hiberfil.sys

[2009-08-26 14:39:03 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2009-08-26 14:35:47 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk

[2009-08-26 12:53:12 | 40,158,011 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009-08-26 12:53:12 | 00,068,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009-08-26 12:51:49 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-08-25 20:07:06 | 00,032,147 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\stara baba.jpg

[2009-08-25 19:55:24 | 00,144,407 | ---- | M] () -- C:\WINDOWS\System32\AdobeFnt.lst

[2009-08-25 19:51:48 | 00,020,202 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\pedały.jpg

[2009-08-25 19:45:35 | 00,033,324 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\grzes2.jpg

[2009-08-25 19:44:05 | 00,029,756 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\grzes.jpg

[2009-08-25 19:33:07 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009-08-25 19:33:06 | 01,089,762 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009-08-25 19:33:06 | 00,491,782 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2009-08-25 19:33:06 | 00,433,332 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009-08-25 19:33:06 | 00,084,612 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2009-08-25 19:33:06 | 00,068,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009-08-25 16:06:41 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009-08-25 14:41:40 | 07,501,704 | ---- | M] (Mozilla) -- C:\Documents and Settings\Pan\Pulpit\Thunderbird Setup 2.0.0.23.exe

[2009-08-25 13:37:30 | 00,032,294 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\gallery-77322026-500x500.jpg

[2009-08-25 13:28:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2009-08-25 11:38:23 | 00,042,704 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\assistance_zestawienie_nowe.pdf

[2009-08-24 01:07:49 | 00,065,749 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\billabongspod s.pdf

[2009-08-23 23:24:04 | 00,065,056 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\etui.pdf

[2009-08-23 23:17:39 | 00,065,907 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\quick bluza.pdf

[2009-08-23 23:14:59 | 00,065,426 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\para.pdf

[2009-08-22 22:18:59 | 15,907,681 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\MOV00201.MP4

[2009-08-22 22:13:48 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Pan\Pulpit\MOV00201.MP4.sha

[2009-08-22 09:22:31 | 00,065,092 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\rezerwacja.29.08

[2009-08-22 09:19:52 | 00,063,147 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\payment_details_090822_091940.pdf

[2009-08-21 16:37:44 | 00,000,958 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Wheelman.lnk

[2009-08-18 05:09:08 | 00,007,738 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\OCR00003.doc

[2009-08-18 05:07:10 | 00,016,128 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\OCR00002.doc

[2009-08-18 05:05:05 | 00,013,661 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\OCR00001.doc

[2009-08-17 19:10:43 | 00,010,522 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\OCR.doc

[2009-08-17 18:22:59 | 00,046,080 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\wzor_zamowienia.doc

[2009-08-16 09:25:05 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2009-08-16 09:25:05 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2009-08-16 09:25:04 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2009-08-14 11:36:19 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for

[2009-08-13 19:27:16 | 27,275,889 | ---- | M] () -- C:\Documents and Settings\Pan\Pulpit\hr7745_55_dfu_pol.pdf

[2009-08-07 02:47:17 | 00,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2009-08-06 12:34:16 | 00,023,073 | ---- | M] () -- D:\DOKUMENTY\Dekalog.pdf

[2009-08-05 11:01:12 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll

[2009-08-05 11:01:12 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll

[2009-08-03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-08-03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009-07-30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-07-28 00:27:56 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx

========== LOP Check ==========

[2009-08-26 14:35:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-08-26 14:35:50 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{EF63305C-BAD7-4144-9208-D65528260864}

[2009-02-24 02:59:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead

[2009-03-05 20:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Apowersoft

[2009-02-24 03:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI

[2009-06-26 13:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar

[2009-07-14 04:37:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software

[2009-02-24 12:47:52 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ

[2009-02-24 02:10:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Intel

[2009-08-26 14:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-08-25 17:30:19 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Pan\Dane aplikacji

[2009-02-24 03:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Ahead

[2009-06-23 16:52:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Ashampoo

[2009-02-24 03:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\ATI

[2009-02-24 12:09:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Auslogics

[2009-05-15 17:22:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\AVGTOOLBAR

[2009-04-28 22:34:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Corel

[2009-02-24 03:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\DeepBurner

[2009-02-24 11:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Gadu-Gadu

[2009-02-24 02:10:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Intel

[2009-07-14 22:20:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Nokia

[2009-03-21 19:55:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Nokia Multimedia Player

[2009-02-24 11:46:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Nowe Gadu-Gadu

[2009-02-24 13:29:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\OpenOffice.org

[2009-02-24 12:22:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Opera

[2009-03-10 22:19:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\PC Suite

[2009-03-03 21:09:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\SecuROM

[2009-03-21 01:50:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Teleca

[2009-08-25 17:30:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\Thunderbird

[2009-08-26 10:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Dane aplikacji\uTorrent

[2009-08-26 14:39:03 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[2008-04-15 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-03-06 04:46:55 | 00,000,102 | ---- | M] () -- C:\WINDOWS\Tasks\Low Battery Alarm Program.job

[2009-08-26 14:41:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

========== Files - Unicode (All) ==========

[2009-03-21 19:55:54 | 00,007,462 | ---- | C] ()(D:\DOKUMENTY\? Rys (1).amr) -- D:\DOKUMENTY\ Rys (1).amr

[2009-03-21 19:55:55 | 00,007,462 | ---- | M] ()(D:\DOKUMENTY\? Rys (1).amr) -- D:\DOKUMENTY\ Rys (1).amr

[2009-03-21 19:55:58 | 00,095,814 | ---- | C] ()(D:\DOKUMENTY\? Rys.amr) -- D:\DOKUMENTY\ Rys.amr

[2009-03-21 19:56:01 | 00,095,814 | ---- | M] ()(D:\DOKUMENTY\? Rys.amr) -- D:\DOKUMENTY\ Rys.amr

< End of report >

Gość
komentarz
komentarz

Zostały drobne śmietki w rejestrze. :)

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTL

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O32 - AutoRun File - [2009-02-19 06:37:19 | 00,000,000 | R--D | M] - E:\AutoRunData -- [ CDFS ]

O32 - AutoRun File - [2009-02-17 23:00:54 | 00,571,200 | R--- | M] (Midway Home Entertainment Inc) - E:\Autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2008-12-01 23:21:21 | 00,000,058 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

:Reg

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"SuperHidden"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"Hidden"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"ShowSuperHidden"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]

"CheckedValue"=dword:00000001

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]

@=""

:Commands

[emptytemp]

[start explorer]

[Reboot]

Kilkasz w Run Fix i zatwierdzasz restart komputera.

Po restarcie - pokazujesz log z czyszczenia.

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.