x-kom hosting

sysvxd.exe - problem z zamykaniem Windowsa

raulinka7
utworzono
utworzono (edytowane)

witam
miałam ostatnio problem z zamykaniem windowsa, pojawiało się okno z kończeniem pracy programu sysvxd.exe. Teraz już mi się nie wyświetla ale chciałam sprawdzić czy wszystko jest już ok. Mam również problem z zaporą windows - za każdym razem jak uruchamiam komputer, jest wyłączona. nie wiem czy może to mieć związek z tym plikiem sysvxd.exe. Dołączam loga z OTL i bardzo proszę o sprawdzenie i pomoc w rozwiązaniu ewentualnych problemów. Z góry dziękuję.

[log]
OTL logfile created on: 2009-09-28 22:50:33 - Run 2
OTL by OldTimer - Version 3.0.16.0 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

893,97 Mb Total Physical Memory | 459,75 Mb Available Physical Memory | 51,43% Memory free
2,12 Gb Paging File | 1,71 Gb Available in Paging File | 80,79% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,06 Gb Total Space | 12,09 Gb Free Space | 48,24% Space Free | Partition Type: NTFS
Drive D: | 160,63 Gb Total Space | 63,80 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAULINA-838056B
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe
PRC - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
PRC - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2002-12-31 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007-05-22 10:50:02 | 00,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2002-12-31 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2007-08-28 14:22:10 | 00,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
PRC - [2007-12-11 16:59:28 | 00,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2006-04-27 07:57:48 | 00,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2007-10-12 14:16:46 | 00,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSMain.exe
PRC - [2007-12-13 11:20:08 | 16,841,216 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-06-01 10:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
PRC - [2007-12-13 11:20:46 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007-08-03 02:37:54 | 00,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2007-05-11 10:06:50 | 00,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2008-08-04 01:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007-04-04 03:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2005-04-11 11:26:06 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2008-12-29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009-09-23 17:58:14 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe
PRC - [2007-12-13 11:20:46 | 01,015,808 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-10-12 14:16:34 | 00,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSBattM.exe
PRC - [2007-12-13 11:20:44 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-01 10:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2007-06-22 10:24:30 | 04,763,648 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2009-09-28 22:45:30 | 00,518,144 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe -- (ACS [Auto | Running])
SRV - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2002-12-31 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running])
SRV - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2007-12-13 11:14:00 | 01,161,888 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2007-12-13 11:12:14 | 02,371,584 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2006-09-19 11:03:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Stopped])
DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running])
DRV - [2007-04-04 08:56:48 | 00,005,888 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\DRIVERS\FwLnk.sys -- (FwLnk [On_Demand | Running])
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006-09-15 11:07:54 | 00,064,000 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped])
DRV - [2007-12-13 11:20:10 | 04,611,072 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007-12-12 15:33:12 | 00,012,032 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\netdevio.sys -- (Netdevio [Auto | Running])
DRV - [2003-08-04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2002-12-31 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007-02-24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-01-23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-03-21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2007-12-13 11:22:24 | 00,264,576 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\RTL8187B.sys -- (RTL8187B [On_Demand | Running])
DRV - [2007-12-13 11:14:14 | 00,098,944 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2009-06-19 00:29:31 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2004-09-14 23:19:56 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2009-05-27 20:06:11 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007-12-13 11:20:46 | 00,212,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2007-04-16 10:19:10 | 00,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running])
DRV - [2007-12-13 20:31:04 | 00,057,408 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\wsimd.sys -- (WSIMD [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\S-1-5-21-57989841-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.0.4134
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-13 01:01:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 01:01:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions
[2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-28 17:20:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions
[2009-04-14 20:19:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions\piclens@cooliris.com
[2009-09-28 22:42:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-13 01:01:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-03-31 22:06:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-13 01:01:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-13 01:01:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008-10-20 22:11:41 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
[2009-09-13 01:01:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-08-23 19:22:30 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-08-23 19:22:30 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-23 19:22:30 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-08-23 19:22:30 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-08-23 19:22:30 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-08-23 19:22:30 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-08-23 19:22:30 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe ()
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd ()
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd ()
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe ( TOSHIBA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 217.98.63.164
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-10-08 21:26:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[2009-09-24 20:29:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009-09-23 22:00:44 | 00,024,275 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe
[2009-09-23 17:58:19 | 00,043,692 | ---- | C] () -- C:\WINDOWS\System32\drivers\svchost.exe
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Received Files
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Music
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\BearShare
[2009-09-17 22:11:22 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2009-09-05 18:31:26 | 00,007,674 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg
[2009-07-21 22:56:12 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-21 22:56:11 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-07-21 22:56:04 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-21 22:56:04 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-21 22:56:03 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-05-27 20:06:11 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-27 20:02:39 | 00,000,029 | ---- | C] () -- C:\WINDOWS\BSL.INI
[2009-04-03 23:08:15 | 00,000,030 | ---- | C] () -- C:\WINDOWS\tdlp32.ini
[2009-01-17 17:12:42 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-12-26 19:30:13 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2008-11-09 19:40:17 | 00,000,126 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2008-11-09 19:40:14 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\DECODER.DLL
[2008-11-03 22:54:22 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-10-20 21:43:07 | 00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2008-10-20 21:43:07 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2008-10-20 21:43:02 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2008-10-20 21:43:01 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2008-10-20 21:42:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008-10-12 21:50:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008-10-12 21:20:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2008-10-12 21:20:22 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2008-10-12 21:19:22 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008-10-12 21:17:31 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll
[2006-05-26 15:29:14 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006-04-03 14:26:36 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2002-12-31 14:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002-12-31 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2002-12-31 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-09-28 22:41:14 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-28 22:40:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-09-28 22:40:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-09-28 22:05:01 | 00,000,604 | ---- | M] () -- C:\WINDOWS\Thps3.INI
[2009-09-28 22:02:57 | 00,007,674 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg
[2009-09-28 21:53:50 | 00,116,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-28 18:47:44 | 00,024,275 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe
[2009-09-26 23:50:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-23 17:58:14 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe
[2009-09-13 01:13:36 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Word.lnk

[color=#E56717]========== LOP Check ==========[/color]

[2009-07-21 22:58:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2009-01-19 00:16:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ahead
[2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ATI
[2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools
[2009-05-27 20:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro
[2008-10-22 18:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2009-08-17 17:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IrfanView
[2008-10-12 21:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba
[2009-09-25 19:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2009-09-17 22:16:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2008-11-04 20:56:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10015
[2009-01-15 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2008-10-12 21:16:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros
[2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2008-11-30 23:03:17 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2008-11-04 20:56:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\channels
[2009-05-27 20:08:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2008-10-20 22:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2008-10-12 21:32:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UIB
[2008-10-08 23:11:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-01-27 00:27:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gość\Dane aplikacji
[2009-01-27 00:25:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\ATI
[2008-10-08 21:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2008-10-08 21:27:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2002-12-31 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-28 22:40:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [TFncKy] File not found
PRC - [2009-09-27 21:12:17 | 00,043,692 | ---- | M] () -- C:\WINDOWS\System32\drivers\svchost.exe

:Files
C:\WINDOWS\Sysvxd.exe
C:\WINDOWS\System32\drivers\svchost.exe

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Daj loga powstałego po usuwaniu + nowego.

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
Wykonaj: http://support.microsoft.com/kb/310405/pl

raulinka7
komentarz
komentarz

wykonałam wszystkie polecenia.

log po usuwaniu z OTL:
[log]
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TFncKy deleted successfully.
Process svchost.exe killed successfully!
========== FILES ==========
C:\WINDOWS\Sysvxd.exe moved successfully.
C:\WINDOWS\System32\drivers\svchost.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\etilqs_LQX1ZNyjfezc1LrGAmlP scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\~DFEE2E.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 702298127 bytes
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OR23YN41\getmainbanner[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 85640 bytes
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
->FireFox cache emptied: 59433995 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Gość
->Temp folder emptied: 1296140 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 100569832 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 8525 bytes
RecycleBin emptied: 63940 bytes

Total Files Cleaned = 825,89 mb


OTL by OldTimer - Version 3.0.16.0 log created on 09282009_231942

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\etilqs_LQX1ZNyjfezc1LrGAmlP not found!
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\~DFEE2E.tmp moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OR23YN41\getmainbanner[2].htm moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\ikd9g1p8.default\urlclassifier3.sqlite moved successfully.

Registry entries deleted on Reboot...
[/log]

kolejny log z OTL:
[log]
OTL logfile created on: 2009-09-28 23:27:36 - Run 3
OTL by OldTimer - Version 3.0.16.0 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

893,97 Mb Total Physical Memory | 471,38 Mb Available Physical Memory | 52,73% Memory free
2,12 Gb Paging File | 1,73 Gb Available in Paging File | 81,73% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,06 Gb Total Space | 12,87 Gb Free Space | 51,33% Space Free | Partition Type: NTFS
Drive D: | 160,63 Gb Total Space | 63,74 Gb Free Space | 39,68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAULINA-838056B
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe
PRC - [2002-12-31 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
PRC - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2002-12-31 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2007-05-22 10:50:02 | 00,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007-08-28 14:22:10 | 00,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
PRC - [2007-10-12 14:16:46 | 00,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSMain.exe
PRC - [2007-12-13 11:20:08 | 16,841,216 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-06-01 10:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
PRC - [2007-12-13 11:20:46 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007-08-03 02:37:54 | 00,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2007-05-11 10:06:50 | 00,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2008-08-04 01:02:20 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007-04-04 03:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2007-12-13 11:20:46 | 01,015,808 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-10-12 14:16:34 | 00,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TPSBattM.exe
PRC - [2005-04-11 11:26:06 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
PRC - [2007-12-13 11:20:44 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2008-12-29 12:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-01 10:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2007-06-22 10:24:30 | 04,763,648 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2009-09-28 22:45:30 | 00,518,144 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2007-08-03 02:37:34 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\System32\acs.exe -- (ACS [Auto | Running])
SRV - [2007-12-13 11:14:04 | 00,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007-12-13 11:12:14 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007-12-11 16:50:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2002-12-31 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2007-04-10 08:45:20 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running])
SRV - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2007-12-13 11:14:00 | 01,161,888 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2007-12-13 11:12:14 | 02,371,584 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2006-09-19 11:03:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Stopped])
DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running])
DRV - [2007-04-04 08:56:48 | 00,005,888 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\DRIVERS\FwLnk.sys -- (FwLnk [On_Demand | Running])
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006-09-15 11:07:54 | 00,064,000 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped])
DRV - [2007-12-13 11:20:10 | 04,611,072 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007-12-12 15:33:12 | 00,012,032 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\netdevio.sys -- (Netdevio [Auto | Running])
DRV - [2003-08-04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2002-12-31 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007-02-24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-01-23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-03-21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2007-12-13 11:22:24 | 00,264,576 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\RTL8187B.sys -- (RTL8187B [On_Demand | Running])
DRV - [2007-12-13 11:14:14 | 00,098,944 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2009-06-19 00:29:31 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2004-09-14 23:19:56 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2009-05-27 20:06:11 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007-12-13 11:20:46 | 00,212,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2007-04-16 10:19:10 | 00,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running])
DRV - [2007-12-13 20:31:04 | 00,057,408 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\wsimd.sys -- (WSIMD [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-57989841-1078081533-839522115-500\S-1-5-21-57989841-1078081533-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.0.4134
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-13 01:01:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-13 01:01:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions
[2008-10-20 21:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-28 17:20:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions
[2009-04-14 20:19:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ikd9g1p8.default\extensions\piclens@cooliris.com
[2009-09-28 22:42:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-13 01:01:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-03-31 22:06:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-13 01:01:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-13 01:01:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008-10-20 22:11:41 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
[2009-09-13 01:01:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007-05-10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-08-23 19:22:30 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-08-23 19:22:30 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-23 19:22:30 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-08-23 19:22:30 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-08-23 19:22:30 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-08-23 19:22:30 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-08-23 19:22:30 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe File not found
O4 - HKU\S-1-5-21-57989841-1078081533-839522115-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd ()
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nLite] C:\WINDOWS\inf\nlite.cmd ()
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe ( TOSHIBA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-1078081533-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 217.98.63.164
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-10-08 21:26:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-09-28 23:26:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2009-09-28 23:26:07 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-09-28 23:26:05 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-09-28 23:26:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-09-28 23:26:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009-09-24 20:29:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Received Files
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Music
[2009-09-17 22:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\BearShare
[2009-09-17 22:11:22 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2009-09-05 18:31:26 | 00,007,674 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg
[2009-07-21 22:56:12 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-21 22:56:11 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-07-21 22:56:04 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-21 22:56:04 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-21 22:56:03 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-05-27 20:06:11 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-27 20:02:39 | 00,000,029 | ---- | C] () -- C:\WINDOWS\BSL.INI
[2009-04-03 23:08:15 | 00,000,030 | ---- | C] () -- C:\WINDOWS\tdlp32.ini
[2009-01-17 17:12:42 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-12-26 19:30:13 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2008-11-09 19:40:17 | 00,000,126 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2008-11-09 19:40:14 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\DECODER.DLL
[2008-11-03 22:54:22 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-10-20 21:43:07 | 00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2008-10-20 21:43:07 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2008-10-20 21:43:02 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2008-10-20 21:43:01 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2008-10-20 21:42:11 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008-10-12 21:50:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008-10-12 21:20:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2008-10-12 21:20:22 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2008-10-12 21:19:22 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008-10-12 21:17:31 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll
[2006-05-26 15:29:14 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006-04-03 14:26:36 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2002-12-31 14:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002-12-31 14:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2002-12-31 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-09-28 23:22:12 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-28 23:21:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-09-28 23:21:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-09-28 22:05:01 | 00,000,604 | ---- | M] () -- C:\WINDOWS\Thps3.INI
[2009-09-28 22:02:57 | 00,007,674 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20090905_183121.reg
[2009-09-28 21:53:50 | 00,116,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-26 23:50:17 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-13 01:13:36 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Word.lnk
[2009-09-10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-09-10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-28 23:26:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2009-01-19 00:16:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ahead
[2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ATI
[2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools
[2009-05-27 20:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2009-05-27 20:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro
[2008-10-22 18:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2009-08-17 17:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IrfanView
[2008-10-12 21:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba
[2009-09-25 19:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2009-09-28 23:26:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2008-11-04 20:56:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10015
[2009-01-15 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2008-10-12 21:16:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros
[2008-10-12 21:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2008-11-30 23:03:17 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2008-11-04 20:56:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\channels
[2009-05-27 20:08:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2008-10-20 22:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2008-10-12 21:32:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UIB
[2008-10-08 23:11:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-01-27 00:27:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gość\Dane aplikacji
[2009-01-27 00:25:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\ATI
[2008-10-08 21:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2008-10-08 21:27:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2002-12-31 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-28 23:21:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

log z Malware:
[log]
Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2868
Windows 5.1.2600 Dodatek Service Pack 2

2009-09-28 23:48:41
mbam-log-2009-09-28 (23-48-41).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 147647
Upłynęło: 16 minute(s), 40 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 7
Zainfekowane wartości rejestru: 2
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\Interface\{37b85a2a-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{37b85a2c-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{37b85a20-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.

Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SVCHOST.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Delete on reboot.

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)
[/log]

Psycholandia
komentarz
komentarz

Uruchom ponownie OTL i kliknij na CleanUP.
Czysto. :)

raulinka7
komentarz
komentarz

dzięki wielkie, teraz jest już wszystko ok :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.