mrocznydrwal utworzono 5 września 2009 utworzono 5 września 2009 Wiem że nie powinienem czyscic kompa combofixem bez pozwolenia ale zaczął przymulać i niemiałem nic pożądniejszego pod ręką. Log do sprawdzenia ComboFix 09-06-23.01 - Mateusz 2009-09-04 20:56.2 - NTFSx86Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.511.320 [GMT 2:00] Uruchomiony z: d:\combofix\ComboFix.exe UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . - TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI - . ((((((((((((((((((((((((( Pliki utworzone od 2009-08-04 do 2009-09-04 ))))))))))))))))))))))))))))))) . 2009-09-02 19:02 . 2009-09-02 19:02 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\DAEMON Tools 2009-09-02 19:02 . 2009-09-02 19:04 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\DAEMON Tools Pro 2009-09-02 19:01 . 2009-09-02 19:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2009-09-02 19:01 . 2009-09-02 19:01 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-09-02 19:01 . 2009-09-02 19:03 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\DAEMON Tools Lite 2009-08-07 19:53 . 2009-08-07 20:01 666 ----a-w- c:\windows\eReg.dat . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-04 18:47 . 2009-06-23 19:26 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP 2009-09-02 19:00 . 2009-05-19 17:41 2545 ----a-w- c:\windows\unins001.dat 2009-09-02 18:37 . 2009-05-21 18:58 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-05 19:45 . 2009-05-19 14:35 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-05 16:12 . 2009-08-05 15:40 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\SAMSUNG 2009-08-05 15:27 . 2009-05-19 14:24 -------- d-----w- c:\program files\Common Files\InstallShield 2009-08-04 15:08 . 2009-08-04 15:08 -------- d-----w- c:\program files\Common Files\DirectX 2009-07-15 07:08 . 2009-07-15 07:07 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\Winamp 2009-07-02 18:10 . 2009-06-23 13:58 69624 ----a-w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-07-02 09:35 . 2009-05-19 13:53 69624 ----a-w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-06-30 14:59 . 2001-10-26 17:15 89364 ----a-w- c:\windows\system32\perfc015.dat 2009-06-30 14:59 . 2001-10-26 17:15 500378 ----a-w- c:\windows\system32\perfh015.dat 2009-06-18 21:08 . 2009-05-19 14:57 222464 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2009-06-13 18:34 . 2009-06-13 18:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2008-12-29 687560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="d:\adobe reader\Reader\Reader_sl.exe" [2008-06-12 34672] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-03-25 570664] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "d:\\Office 2007\\Office12\\OUTLOOK.EXE"= "d:\\Program Files\\Call of Duty\\CoDMP.exe"= "d:\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"= "d:\\MotoGP URT 3\\motogp.exe"= R3 ATE_PROCMON;ATE_PROCMON;\??\d:\anti trojan elite\ATEPMon.sys --> d:\anti trojan elite\ATEPMon.sys [?] --- Inne Usługi/Sterowniki w Pamięci --- *NewlyCreated* - ATE_PROCMON [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20db0a50-698a-11de-b8f1-f99af2fb020f}] \Shell\AutoRun\command - I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8d1fc03-6732-11de-b8e4-82824dea50f0}] \Shell\AutoRun\command - I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e22b0c01-60ad-11de-b8b5-c8acac47d674}] \Shell\AutoRun\command - I:\AutoRun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . - - - - USUNIĘTO PUSTE WPISY - - - - HKLM-Run-WinampAgent - d:\winamp\winampa.exe HKLM-Run-Anti Trojan Elite - d:\anti trojan elite\TJEnder.exe . ------- Skan uzupełniający ------- . uStart Page = hxxp://google.pl/ IE: E&ksportuj do programu Microsoft Excel - d:\office~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-04 20:57 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(2000) c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Czas ukończenia: 2009-09-04 20:59 ComboFix-quarantined-files.txt 2009-09-04 18:59 Przed: 10,641,825,792 bajtów wolnych Po: 10,683,392,000 bajtów wolnych 107 Pzdr.
MarekM25 komentarz 5 września 2009 komentarz 5 września 2009 Tak czy siak musisz dać loga z OTListIt2.
mrocznydrwal komentarz 5 września 2009 Autor komentarz 5 września 2009 Log do sprawdzenia OTL logfile created on: 2009-09-05 18:04:17 - Run 1OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Mateusz\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18372)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd511.48 Mb Total Physical Memory | 341.91 Mb Available Physical Memory | 66.85% Memory free1.22 Gb Paging File | 1.10 Gb Available in Paging File | 90.23% Paging File freePaging file location(s): F:\pagefile.sys 768 1339 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 14.91 Gb Total Space | 9.84 Gb Free Space | 65.98% Space Free | Partition Type: NTFSDrive D: | 68.36 Gb Total Space | 32.23 Gb Free Space | 47.15% Space Free | Partition Type: NTFSDrive E: | 64.45 Gb Total Space | 56.73 Gb Free Space | 88.02% Space Free | Partition Type: NTFSDrive F: | 1.32 Gb Total Space | 0.56 Gb Free Space | 42.36% Space Free | Partition Type: NTFSG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: CENTRALN-15A5B9Current User Name: MateuszLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [1999-12-13 03:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.EXEPRC - [2005-08-02 16:35:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exePRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2007-04-16 15:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXEPRC - [2008-06-12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) -- D:\Adobe Reader\Reader\Reader_sl.exePRC - [2008-12-29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- D:\DAEMON Tools Lite\daemon.exePRC - [2009-09-05 16:57:38 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [1999-12-13 03:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])SRV - [2007-10-09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2007-03-12 03:35:02 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- D:\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Stopped])SRV - [2007-10-11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])SRV - [2006-11-08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])SRV - [2007-10-11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2008-02-28 18:07:48 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])SRV - [2005-08-02 16:35:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2006-11-08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])SRV - [2009-09-04 21:21:42 | 00,361,728 | ---- | M] (TuneUp Software GmbH) -- C:\WINDOWS\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [Disabled | Stopped])SRV - [2008-07-18 15:05:40 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- C:\WINDOWS\System32\uxtuneup.dll -- (UxTuneUp [Disabled | Stopped])SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2008-09-24 10:40:22 | 04,122,368 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])DRV - [2009-05-21 21:00:37 | 00,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys.vir -- (dtscsi [On_Demand | Stopped])DRV - [2008-04-14 02:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])DRV - [2001-10-26 19:02:28 | 00,907,584 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys -- (HCF_MSFT [On_Demand | Running])DRV - [2007-03-08 06:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])DRV - [2007-03-08 06:20:49 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])DRV - [2007-03-08 06:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])DRV - [2008-04-17 15:52:50 | 00,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped])DRV - [2001-08-18 00:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])DRV - [2008-04-13 23:23:10 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])DRV - [2005-08-02 16:35:00 | 03,198,560 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])DRV - [2003-03-05 12:19:28 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\PfModNT.sys -- (PfModNT [Auto | Running])DRV - [2001-08-18 00:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2009-09-02 20:37:36 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])DRV - [2007-05-02 11:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])DRV - [2007-05-02 11:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])DRV - [2007-05-02 11:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])DRV - [2006-07-24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running])DRV - [2002-10-24 10:07:00 | 00,006,912 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfnth.sys -- (vulfnths [On_Demand | Running])DRV - [2002-11-13 11:34:06 | 00,010,496 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\vulfntr.sys -- (vulfntrs [On_Demand | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/IE - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\S-1-5-21-1060284298-1580436667-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090414FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: D:\Mozilla Firefox\components [2009-09-04 21:06:00 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: D:\Mozilla Firefox\plugins [2009-09-04 21:06:05 | 00,000,000 | ---D | M][2009-05-19 19:43:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions[2009-05-19 19:43:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-09-02 21:01:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\d5bok60r.default\extensions[2009-06-29 11:03:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\d5bok60r.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}[2009-06-29 11:03:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\d5bok60r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}[2009-09-02 21:01:15 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\FireFox\Profiles\d5bok60r.default\searchplugins\daemon-search.xmlO1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)O4 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1060284298-1580436667-1957994488-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-05-19 15:46:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O33 - MountPoints2\{20db0a50-698a-11de-b8f1-f99af2fb020f}\Shell - "" = AutoRunO33 - MountPoints2\{20db0a50-698a-11de-b8f1-f99af2fb020f}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not foundO33 - MountPoints2\{d8d1fc03-6732-11de-b8e4-82824dea50f0}\Shell - "" = AutoRunO33 - MountPoints2\{d8d1fc03-6732-11de-b8e4-82824dea50f0}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not foundO33 - MountPoints2\{e22b0c01-60ad-11de-b8b5-c8acac47d674}\Shell - "" = AutoRunO33 - MountPoints2\{e22b0c01-60ad-11de-b8b5-c8acac47d674}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not foundO34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[3 C:\WINDOWS\*.tmp files][2009-09-05 18:02:46 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe[2009-09-04 22:02:43 | 00,000,000 | ---D | C] -- C:\Program Files\Defraggler[2009-09-04 21:30:27 | 02,330,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe[2009-09-04 21:22:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER[2009-09-04 21:21:45 | 00,000,544 | ---- | C] () -- C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job[2009-09-04 21:21:42 | 00,028,416 | ---- | C] (TuneUp Software GmbH) -- C:\WINDOWS\System32\uxtuneup.dll[2009-09-04 21:21:41 | 00,361,728 | ---- | C] (TuneUp Software GmbH) -- C:\WINDOWS\System32\TuneUpDefragService.exe[2009-09-04 21:21:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TuneUp Software[2009-09-04 21:21:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software[2009-09-04 21:21:18 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2008[2009-09-04 21:20:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard[2009-09-04 21:18:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\WinPatrol[2009-09-04 21:18:44 | 00,000,000 | ---D | C] -- C:\Program Files\BillP Studios[2009-09-04 21:13:25 | 00,000,499 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 06.lnk[2009-09-04 20:59:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp[2009-09-04 20:56:19 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2009-09-04 20:56:19 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2009-09-04 20:56:19 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2009-09-04 20:56:19 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2009-09-04 20:56:19 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2009-09-04 20:56:19 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2009-09-04 20:56:19 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2009-09-04 20:56:02 | 00,000,000 | ---D | C] -- C:\Qoobox[2009-09-02 21:02:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools[2009-09-02 21:02:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Pro[2009-09-02 21:01:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-09-02 21:01:17 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar[2009-09-02 21:01:15 | 00,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk[2009-09-02 21:01:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite[2009-09-01 17:37:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Help[2009-08-09 13:19:39 | 00,000,456 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\MotoGP URT 3.lnk[2009-08-07 22:01:28 | 00,056,129 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\sdgsdghdxfgh.xps[2009-08-07 21:53:32 | 00,000,666 | ---- | C] () -- C:\WINDOWS\eReg.dat[2009-08-05 17:37:11 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys[2009-06-07 13:48:13 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll[2009-06-07 13:46:51 | 00,002,919 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2009-06-07 13:46:50 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2009-06-05 21:22:50 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-06-05 21:22:48 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2009-05-29 21:08:38 | 00,000,766 | ---- | C] () -- C:\WINDOWS\CoD.INI[2009-05-21 20:58:45 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-05-20 20:22:51 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2009-05-19 16:35:34 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll[2008-07-05 13:14:48 | 00,456,192 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll[2008-07-05 13:14:44 | 03,591,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll[2008-07-05 13:13:16 | 00,708,096 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll[2008-06-22 19:34:00 | 00,177,664 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll[2008-06-13 13:39:38 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll[2005-08-02 16:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2005-08-02 16:35:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2005-08-02 16:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2005-08-02 16:35:00 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll[2005-08-02 16:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2005-08-02 16:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2004-11-24 21:25:52 | 00,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll[2004-10-03 19:50:54 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll[2001-07-22 01:16:20 | 00,000,607 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-22 01:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-09-05 18:02:02 | 00,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2009-09-05 18:01:59 | 00,000,544 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job[2009-09-05 18:01:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-09-05 18:01:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-09-05 18:01:34 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys[2009-09-05 16:57:38 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe[2009-09-04 22:41:24 | 04,274,854 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-09-04 22:39:43 | 00,069,624 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2009-09-04 22:38:03 | 00,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2009-09-04 21:34:54 | 02,330,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe[2009-09-04 21:34:54 | 00,000,389 | RHS- | M] () -- C:\boot.ini[2009-09-04 21:21:42 | 00,361,728 | ---- | M] (TuneUp Software GmbH) -- C:\WINDOWS\System32\TuneUpDefragService.exe[2009-09-04 21:13:25 | 00,000,499 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 06.lnk[2009-09-04 20:57:37 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2009-09-04 20:38:53 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-09-02 21:01:15 | 00,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk[2009-09-02 21:00:24 | 00,002,545 | ---- | M] () -- C:\WINDOWS\unins001.dat[2009-09-02 20:37:36 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-09-02 19:55:25 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-08-31 09:37:54 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-08-09 13:19:39 | 00,000,456 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\MotoGP URT 3.lnk[2009-08-07 22:01:41 | 00,000,666 | ---- | M] () -- C:\WINDOWS\eReg.dat[2009-08-07 22:01:29 | 00,056,129 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\sdgsdghdxfgh.xps========== LOP Check ==========[2009-05-19 17:33:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji[2009-09-04 20:47:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-09-02 21:01:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-06-13 20:04:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI[2009-09-04 20:47:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-06-22 22:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia[2009-09-04 21:21:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software[2009-05-19 17:33:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-05-19 15:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-09-04 21:21:40 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji[2009-06-05 21:28:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\BESTplayer[2009-09-02 21:02:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools[2009-09-02 21:03:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite[2009-09-02 21:04:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Pro[2009-05-19 19:46:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Daoisoft[2009-07-05 12:03:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\gtk-2.0[2009-07-01 18:02:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mobile Master[2009-06-29 11:31:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu[2009-08-05 18:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\SAMSUNG[2009-06-29 13:04:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\smc[2009-06-22 22:57:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Softi Software[2009-09-04 21:21:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TuneUp Software[2009-09-04 21:18:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\WinPatrol[2009-06-15 16:37:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\www.pro-evo.xooit.fr[2009-05-19 15:51:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2009-07-15 09:07:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji[2001-07-22 01:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-09-05 18:01:59 | 00,000,544 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja jednym kliknięciem.job[2009-09-05 18:01:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9< End of report > to z tego otl
Gość komentarz 5 września 2009 komentarz 5 września 2009 Jest OK. Odpal OTL i wywołaj go z opcji CleanUp, zgódź się na czyszczenie + restart komputera. . 1
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.