raulinka7 utworzono 28 września 2009 utworzono 28 września 2009 (edytowane) witam miałam ostatnio problem z zamykaniem windowsa, pojawiało się okno z kończeniem pracy programu sysvxd.exe. Teraz już mi się nie wyświetla ale chciałam sprawdzić czy wszystko jest już ok. Mam również problem z zaporą windows - za każdym razem jak uruchamiam komputer, jest wyłączona. nie wiem czy może to mieć związek z tym plikiem sysvxd.exe. Dołączam loga z OTL i bardzo proszę o sprawdzenie i pomoc w rozwiązaniu ewentualnych problemów. Z góry dziękuję. [log] OTL logfile created on: 2009-09-28 22:50:33 - Run 2 OTL by OldTimer - Version 3.0.16.0 Folder = D:\Download Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 893,97 Mb Total Physical Memory | 459,75 Mb Available Physical Memory | 51,43% Memory free 2,12 Gb Paging File | 1,71 Gb Available in Paging File | 80,79% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,06 Gb Total Space | 12,09 Gb Free Space | 48,24% Space Free | Partition Type: NTFS Drive D: | 160,63 Gb Total Space | 63,80 Gb Free Space | 39,72% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PAULINA-838056B Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe PRC - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe PRC - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe PRC - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2002-12-31 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-05-22 10:50:02 | 00,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe PRC - [2002-12-31 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2007-08-28 14:22:10 | 00,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe PRC - [2007-12-11 16:59:28 | 00,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2006-04-27 07:57:48 | 00,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe PRC - [2007-10-12 14:16:46 | 00,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSMain.exe PRC - [2007-12-13 11:20:08 | 16,841,216 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2007-06-01 10:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE PRC - [2007-12-13 11:20:46 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe PRC - [2007-08-03 02:37:54 | 00,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe PRC - [2007-05-11 10:06:50 | 00,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe PRC - [2008-08-04 01:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2007-04-04 03:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe PRC - [2005-04-11 11:26:06 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2008-12-29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2009-09-23 17:58:14 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe PRC - [2007-12-13 11:20:46 | 01,015,808 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-10-12 14:16:34 | 00,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSBattM.exe PRC - [2007-12-13 11:20:44 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 10:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe PRC - [2007-06-22 10:24:30 | 04,763,648 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2009-09-28 22:45:30 | 00,518,144 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe -- (ACS [Auto | Running]) SRV - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running]) SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs [Auto | Running]) SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped]) SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running]) SRV - [2002-12-31 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running]) SRV - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2007-12-13 11:14:00 | 01,161,888 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running]) DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2007-12-13 11:12:14 | 02,371,584 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2006-09-19 11:03:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Stopped]) DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running]) DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running]) DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running]) DRV - [2007-04-04 08:56:48 | 00,005,888 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\DRIVERS\FwLnk.sys -- (FwLnk [On_Demand | Running]) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2006-09-15 11:07:54 | 00,064,000 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped]) DRV - [2007-12-13 11:20:10 | 04,611,072 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2007-12-12 15:33:12 | 00,012,032 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\netdevio.sys -- (Netdevio [Auto | Running]) DRV - [2003-08-04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped]) DRV - [2002-12-31 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2007-02-24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running]) DRV - [2007-01-23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running]) DRV - [2007-03-21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running]) DRV - [2007-12-13 11:22:24 | 00,264,576 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\RTL8187B.sys -- (RTL8187B [On_Demand | Running]) DRV - [2007-12-13 11:14:14 | 00,098,944 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2009-06-19 00:29:31 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running]) DRV - [2004-09-14 23:19:56 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped]) DRV - [2009-05-27 20:06:11 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2007-12-13 11:20:46 | 00,212,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV - [2007-04-16 10:19:10 | 00,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running]) DRV - [2007-12-13 20:31:04 | 00,057,408 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\wsimd.sys -- (WSIMD [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/ IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\S-1-5-21-57989841-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.0.4134 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-13 01:01:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 01:01:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions [2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-28 17:20:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions [2009-04-14 20:19:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions\piclens@cooliris.com [2009-09-28 22:42:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-13 01:01:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-03-31 22:06:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-09-13 01:01:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-13 01:01:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2008-10-20 22:11:41 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll [2009-09-13 01:01:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-08-23 19:22:30 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-23 19:22:30 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-23 19:22:30 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-23 19:22:30 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-23 19:22:30 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-23 19:22:30 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-23 19:22:30 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - Reg Error: Value error. File not found O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe () O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd () O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd () O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe ( TOSHIBA CORPORATION) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 217.98.63.164 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-08 21:26:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [2009-09-24 20:29:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009-09-23 22:00:44 | 00,024,275 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe [2009-09-23 17:58:19 | 00,043,692 | ---- | C] () -- C:\WINDOWS\System32\drivers\svchost.exe [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Received Files [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Music [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\BearShare [2009-09-17 22:11:22 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx [2009-09-05 18:31:26 | 00,007,674 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg [2009-07-21 22:56:12 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-21 22:56:11 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-07-21 22:56:04 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-07-21 22:56:04 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-21 22:56:03 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-05-27 20:06:11 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-05-27 20:02:39 | 00,000,029 | ---- | C] () -- C:\WINDOWS\BSL.INI [2009-04-03 23:08:15 | 00,000,030 | ---- | C] () -- C:\WINDOWS\tdlp32.ini [2009-01-17 17:12:42 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-26 19:30:13 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI [2008-11-09 19:40:17 | 00,000,126 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI [2008-11-09 19:40:14 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\DECODER.DLL [2008-11-03 22:54:22 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-10-20 21:43:07 | 00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008-10-20 21:43:07 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008-10-20 21:43:02 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008-10-20 21:43:01 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2008-10-20 21:42:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2008-10-12 21:50:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2008-10-12 21:20:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2008-10-12 21:20:22 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [2008-10-12 21:19:22 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2008-10-12 21:17:31 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll [2006-05-26 15:29:14 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2006-04-03 14:26:36 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2002-12-31 14:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2002-12-31 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini [2002-12-31 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009-09-28 22:41:14 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-09-28 22:40:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-28 22:40:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-28 22:05:01 | 00,000,604 | ---- | M] () -- C:\WINDOWS\Thps3.INI [2009-09-28 22:02:57 | 00,007,674 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg [2009-09-28 21:53:50 | 00,116,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-28 18:47:44 | 00,024,275 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe [2009-09-26 23:50:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-23 17:58:14 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe [2009-09-13 01:13:36 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Word.lnk [color=#E56717]========== LOP Check ==========[/color] [2009-07-21 22:58:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji [2009-01-19 00:16:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ahead [2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ATI [2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools [2009-05-27 20:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro [2008-10-22 18:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2009-08-17 17:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IrfanView [2008-10-12 21:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba [2009-09-25 19:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2009-09-17 22:16:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2008-11-04 20:56:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10015 [2009-01-15 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead [2008-10-12 21:16:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros [2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2008-11-30 23:03:17 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2008-11-04 20:56:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\channels [2009-05-27 20:08:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2008-10-20 22:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2008-10-12 21:32:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UIB [2008-10-08 23:11:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-01-27 00:27:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gość\Dane aplikacji [2009-01-27 00:25:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\ATI [2008-10-08 21:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2008-10-08 21:27:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2002-12-31 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-28 22:40:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log]
Psycholandia komentarz 28 września 2009 komentarz 28 września 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - Reg Error: Value error. File not found O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [TFncKy] File not found PRC - [2009-09-27 21:12:17 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe :Files C:\WINDOWS\Sysvxd.exe C:\WINDOWS\System32\drivers\svchost.exe :Commands [emptytemp] [start explorer] [Reboot][/code] Daj loga powstałego po usuwaniu + nowego. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware) Wykonaj: http://support.microsoft.com/kb/310405/pl
raulinka7 komentarz 28 września 2009 Autor komentarz 28 września 2009 wykonałam wszystkie polecenia. log po usuwaniu z OTL: [log] All processes killed ========== PROCESSES ========== Process explorer.exe killed successfully! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TFncKy deleted successfully. Process svchost.exe killed successfully! ========== FILES ========== C:\WINDOWS\Sysvxd.exe moved successfully. C:\WINDOWS\System32\drivers\svchost.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\etilqs_LQX1ZNyjfezc1LrGAmlP scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\~DFEE2E.tmp scheduled to be deleted on reboot. ->Temp folder emptied: 702298127 bytes File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OR23YN41\getmainbanner[2].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 85640 bytes File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\urlclassifier3.sqlite scheduled to be deleted on reboot. ->FireFox cache emptied: 59433995 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Gość ->Temp folder emptied: 1296140 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 100569832 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114584 bytes %systemroot%\System32 .tmp files removed: 2596 bytes Windows Temp folder emptied: 8525 bytes RecycleBin emptied: 63940 bytes Total Files Cleaned = 825,89 mb OTL by OldTimer - Version 3.0.16.0 log created on 09282009_231942 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\etilqs_LQX1ZNyjfezc1LrGAmlP not found! C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\~DFEE2E.tmp moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OR23YN41\getmainbanner[2].htm moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\urlclassifier3.sqlite moved successfully. Registry entries deleted on Reboot... [/log] kolejny log z OTL: [log] OTL logfile created on: 2009-09-28 23:27:36 - Run 3 OTL by OldTimer - Version 3.0.16.0 Folder = D:\Download Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 893,97 Mb Total Physical Memory | 471,38 Mb Available Physical Memory | 52,73% Memory free 2,12 Gb Paging File | 1,73 Gb Available in Paging File | 81,73% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,06 Gb Total Space | 12,87 Gb Free Space | 51,33% Space Free | Partition Type: NTFS Drive D: | 160,63 Gb Total Space | 63,74 Gb Free Space | 39,68% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PAULINA-838056B Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe PRC - [2002-12-31 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe PRC - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe PRC - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2002-12-31 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2007-05-22 10:50:02 | 00,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007-08-28 14:22:10 | 00,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe PRC - [2007-10-12 14:16:46 | 00,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSMain.exe PRC - [2007-12-13 11:20:08 | 16,841,216 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2007-06-01 10:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE PRC - [2007-12-13 11:20:46 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe PRC - [2007-08-03 02:37:54 | 00,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe PRC - [2007-05-11 10:06:50 | 00,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe PRC - [2008-08-04 01:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2007-04-04 03:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe PRC - [2007-12-13 11:20:46 | 01,015,808 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-10-12 14:16:34 | 00,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSBattM.exe PRC - [2005-04-11 11:26:06 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe PRC - [2007-12-13 11:20:44 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2008-12-29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 10:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe PRC - [2007-06-22 10:24:30 | 04,763,648 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2009-09-28 22:45:30 | 00,518,144 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe -- (ACS [Auto | Running]) SRV - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running]) SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs [Auto | Running]) SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped]) SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running]) SRV - [2002-12-31 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running]) SRV - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2007-12-13 11:14:00 | 01,161,888 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running]) DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2007-12-13 11:12:14 | 02,371,584 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2006-09-19 11:03:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Stopped]) DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running]) DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running]) DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running]) DRV - [2007-04-04 08:56:48 | 00,005,888 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\DRIVERS\FwLnk.sys -- (FwLnk [On_Demand | Running]) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2006-09-15 11:07:54 | 00,064,000 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped]) DRV - [2007-12-13 11:20:10 | 04,611,072 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2007-12-12 15:33:12 | 00,012,032 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\netdevio.sys -- (Netdevio [Auto | Running]) DRV - [2003-08-04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped]) DRV - [2002-12-31 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2007-02-24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running]) DRV - [2007-01-23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running]) DRV - [2007-03-21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running]) DRV - [2007-12-13 11:22:24 | 00,264,576 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\RTL8187B.sys -- (RTL8187B [On_Demand | Running]) DRV - [2007-12-13 11:14:14 | 00,098,944 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2009-06-19 00:29:31 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running]) DRV - [2004-09-14 23:19:56 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped]) DRV - [2009-05-27 20:06:11 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2007-12-13 11:20:46 | 00,212,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV - [2007-04-16 10:19:10 | 00,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running]) DRV - [2007-12-13 20:31:04 | 00,057,408 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\wsimd.sys -- (WSIMD [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/ IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\S-1-5-21-57989841-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.0.4134 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-13 01:01:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 01:01:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions [2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-28 17:20:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions [2009-04-14 20:19:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions\piclens@cooliris.com [2009-09-28 22:42:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-13 01:01:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-03-31 22:06:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-09-13 01:01:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-13 01:01:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2008-10-20 22:11:41 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll [2009-09-13 01:01:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-08-23 19:22:30 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-23 19:22:30 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-23 19:22:30 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-23 19:22:30 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-23 19:22:30 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-23 19:22:30 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-23 19:22:30 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe File not found O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd () O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd () O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe ( TOSHIBA CORPORATION) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 217.98.63.164 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-08 21:26:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-09-28 23:26:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes [2009-09-28 23:26:07 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-09-28 23:26:05 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-09-28 23:26:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-09-28 23:26:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009-09-24 20:29:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Received Files [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Music [2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\BearShare [2009-09-17 22:11:22 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx [2009-09-05 18:31:26 | 00,007,674 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg [2009-07-21 22:56:12 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-21 22:56:11 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-07-21 22:56:04 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-07-21 22:56:04 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-21 22:56:03 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-05-27 20:06:11 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-05-27 20:02:39 | 00,000,029 | ---- | C] () -- C:\WINDOWS\BSL.INI [2009-04-03 23:08:15 | 00,000,030 | ---- | C] () -- C:\WINDOWS\tdlp32.ini [2009-01-17 17:12:42 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-26 19:30:13 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI [2008-11-09 19:40:17 | 00,000,126 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI [2008-11-09 19:40:14 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\DECODER.DLL [2008-11-03 22:54:22 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-10-20 21:43:07 | 00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008-10-20 21:43:07 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008-10-20 21:43:02 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008-10-20 21:43:01 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2008-10-20 21:42:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2008-10-12 21:50:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2008-10-12 21:20:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2008-10-12 21:20:22 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [2008-10-12 21:19:22 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2008-10-12 21:17:31 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll [2006-05-26 15:29:14 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2006-04-03 14:26:36 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2002-12-31 14:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2002-12-31 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini [2002-12-31 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-09-28 23:22:12 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-09-28 23:21:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-28 23:21:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-28 22:05:01 | 00,000,604 | ---- | M] () -- C:\WINDOWS\Thps3.INI [2009-09-28 22:02:57 | 00,007,674 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg [2009-09-28 21:53:50 | 00,116,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-26 23:50:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-13 01:13:36 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Word.lnk [2009-09-10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-09-10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [color=#E56717]========== LOP Check ==========[/color] [2009-09-28 23:26:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji [2009-01-19 00:16:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ahead [2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ATI [2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools [2009-05-27 20:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro [2008-10-22 18:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2009-08-17 17:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IrfanView [2008-10-12 21:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba [2009-09-25 19:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2009-09-28 23:26:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2008-11-04 20:56:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10015 [2009-01-15 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead [2008-10-12 21:16:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros [2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2008-11-30 23:03:17 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2008-11-04 20:56:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\channels [2009-05-27 20:08:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2008-10-20 22:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2008-10-12 21:32:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UIB [2008-10-08 23:11:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-01-27 00:27:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gość\Dane aplikacji [2009-01-27 00:25:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\ATI [2008-10-08 21:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2008-10-08 21:27:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2002-12-31 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-28 23:21:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] log z Malware: [log] Malwarebytes' Anti-Malware 1.41 Wersja bazy definicji: 2868 Windows 5.1.2600 Dodatek Service Pack 2 2009-09-28 23:48:41 mbam-log-2009-09-28 (23-48-41).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 147647 Upłynęło: 16 minute(s), 40 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 7 Zainfekowane wartości rejestru: 2 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\Interface\{37b85a2a-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{37b85a2c-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{37b85a20-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SVCHOST.EXE (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Delete on reboot. Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików) [/log]
Psycholandia komentarz 28 września 2009 komentarz 28 września 2009 Uruchom ponownie OTL i kliknij na CleanUP. Czysto.
raulinka7 komentarz 29 września 2009 Autor komentarz 29 września 2009 dzięki wielkie, teraz jest już wszystko ok
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.