skur3byk utworzono 1 października 2009 utworzono 1 października 2009 Witam, mam następujący problem: otóż komputer reaguję cały czas jakby wciśnięty był klawisz "-", czyli wszelkie przeglądarki przy wpisywaniu lub google itp. od razu wpisują "-------------" bez końca; nie jest to wina klawiatury bo po odłączeniu jest tak samo; sprawdziłem komputer AVG i wykryło 2 trojany i ponoć wyleczyło ale problem dalej istnieje; proszę o pomoc bo nie wiem co mógłbym zrobić. Pozdrawiam i z góry dzięki za pomoc.
Psycholandia komentarz 1 października 2009 komentarz 1 października 2009 Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
skur3byk komentarz 1 października 2009 Autor komentarz 1 października 2009 (edytowane) Log : [log]OTL logfile created on: 2009-10-01 14:59:26 - Run 1 OTL by OldTimer - Version 3.0.17.0 Folder = C:\Documents and Settings\Marcin\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 30,61 Gb Free Space | 78,36% Space Free | Partition Type: NTFS Drive D: | 259,02 Gb Total Space | 168,15 Gb Free Space | 64,92% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 896,29 Mb Total Space | 810,48 Mb Free Space | 90,43% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BUDZEN-B8FC99C2 Current User Name: Marcin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe PRC - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe PRC - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe PRC - [2009-08-12 12:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2009-08-12 12:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2009-08-12 12:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009-08-12 12:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe PRC - [2008-04-14 21:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2008-02-13 08:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-08-29 17:47:21 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2008-11-13 15:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2009-04-22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2002-07-11 14:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2005-10-08 16:27:48 | 00,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe PRC - [2005-07-22 15:02:46 | 00,159,744 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2004-06-16 06:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2007-06-01 10:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2008-01-10 12:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe PRC - [2007-06-01 10:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009-04-22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe PRC - [2009-07-13 14:02:56 | 14,074,656 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe PRC - [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-07-02 12:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running]) SRV - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running]) SRV - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8 [Auto | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS [Auto | Running]) SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc [Auto | Running]) SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running]) SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-07-02 19:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2009-07-21 01:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running]) DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwdx [On_Demand | Running]) DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwfd [On_Demand | Stopped]) DRV - [2009-08-12 12:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running]) DRV - [2009-08-12 12:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running]) DRV - [2009-07-27 00:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running]) DRV - [2009-07-27 00:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running]) DRV - [2007-09-06 15:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\System32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1 [On_Demand | Stopped]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2007-07-09 14:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys -- (GT72NDISIPXP [On_Demand | Stopped]) DRV - [2007-06-26 13:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gt72ubus.sys -- (GT72UBUS [On_Demand | Stopped]) DRV - [2007-03-30 13:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gtptser.sys -- (GTPTSER [On_Demand | Stopped]) DRV - [2008-04-13 21:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2008-02-14 11:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2009-07-21 01:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running]) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2005-08-12 10:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\System32\Drivers\Razerlow.sys -- (Razerlow [On_Demand | Stopped]) DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2009-07-27 02:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-04-21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running]) DRV - [2008-11-13 15:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "google.com" FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 14:03:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 17:01:08 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 19:06:59 | 00,000,000 | ---D | M] [2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions [2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-30 14:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions [2009-07-27 15:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2009-07-27 02:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml [2009-07-27 00:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-14 17:01:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-09-14 17:01:07 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-14 17:01:07 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-09-30 19:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll [2009-09-14 17:01:07 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe (HP) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe () O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..Trusted Domains: internet ([]about in Internet) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-20 18:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-10-01 14:52:06 | 00,000,035 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\Shell - "" = AutoRun O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell - "" = AutoRun O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found O33 - MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\Shell - "" = AutoRun O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [4 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009-10-01 14:54:33 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx [2009-10-01 14:53:08 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [2009-09-30 19:06:59 | 00,000,000 | ---D | C] -- C:\Program Files\MyGlobalSearch [2009-09-30 19:06:55 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare [2009-09-27 22:46:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\NFS SHIFT [2009-09-27 22:24:08 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk [2009-09-27 17:18:02 | 04,625,720 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf [2009-09-26 13:20:09 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk [2009-09-26 01:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2009-09-26 00:38:10 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2009-09-26 00:38:10 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2009-09-26 00:38:10 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2009-09-26 00:38:10 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2009-09-26 00:38:10 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2009-09-26 00:38:10 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2009-09-26 00:38:10 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2009-09-25 23:58:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\Eidos [2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2009-09-25 23:57:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009-09-24 16:35:36 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk [2009-09-19 16:18:11 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2009-09-18 14:02:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2009-09-18 14:02:05 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-09-17 01:08:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474 [2009-09-17 01:08:02 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2009-09-17 01:08:02 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe [2009-09-17 01:08:02 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll [2009-09-17 01:08:02 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll [2009-09-17 01:08:02 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll [2009-09-17 01:08:02 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe [2009-09-17 01:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009-09-16 03:02:24 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll [2009-09-16 03:02:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates [2009-09-16 03:02:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll [2009-09-16 03:01:57 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schannel.dll [2009-09-16 03:01:49 | 00,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll [2009-09-16 03:01:27 | 00,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys [2009-09-16 03:01:23 | 00,456,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys [2009-09-16 03:01:20 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys [2009-09-16 03:00:50 | 00,361,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys [2009-09-16 03:00:50 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys [2009-09-16 03:00:50 | 00,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys [2009-09-16 03:00:37 | 01,845,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2009-09-14 20:55:44 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009-09-14 20:55:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009-09-14 17:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009-09-07 00:08:11 | 00,010,464 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx [2009-09-04 22:13:24 | 00,733,695 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg [2009-08-07 19:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-08-03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009-07-27 03:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-27 02:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-07-27 02:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-27 02:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-07-27 02:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-27 02:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-07-27 02:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-07-27 02:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-07-21 01:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-07-21 01:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2001-07-21 23:16:20 | 00,000,691 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [4 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009-10-01 14:54:33 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [2009-10-01 14:08:41 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-10-01 14:03:46 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2009-10-01 14:03:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-01 14:03:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-01 14:03:36 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2009-10-01 13:33:12 | 42,040,164 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009-10-01 13:33:12 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009-10-01 13:33:12 | 00,002,202 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009-09-30 18:32:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2009-09-28 15:13:20 | 00,010,464 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx [2009-09-27 23:13:21 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-27 22:24:08 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk [2009-09-27 17:18:02 | 04,625,720 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf [2009-09-26 13:20:09 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk [2009-09-25 03:07:24 | 04,769,144 | -H-- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-24 16:35:36 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk [2009-09-21 13:38:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-18 21:29:10 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-09-18 21:29:10 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-09-18 21:29:10 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-09-18 21:29:10 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-09-18 21:29:10 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-09-18 21:24:50 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-18 20:31:17 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-09-18 14:06:44 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-17 21:16:03 | 00,000,691 | ---- | M] () -- C:\WINDOWS\win.ini [2009-09-04 22:13:24 | 00,733,695 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg [2009-09-04 17:44:40 | 00,515,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2009-09-04 17:44:40 | 00,238,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2009-09-04 17:44:40 | 00,069,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2009-09-04 17:29:34 | 00,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2009-09-04 17:29:34 | 00,235,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2009-09-04 17:29:32 | 05,501,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2009-09-04 17:29:32 | 01,974,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2009-09-04 17:29:30 | 01,892,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [color=#E56717]========== LOP Check ==========[/color] [2009-08-31 15:06:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-07-27 02:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2009-07-27 02:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-24 23:39:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink [2009-07-21 01:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages [2009-07-20 20:23:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-07-20 18:34:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-08-28 21:55:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji [2009-08-24 20:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ahead [2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI [2009-09-21 14:00:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics [2009-08-10 12:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite [2009-10-01 13:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\dvdcss [2009-07-27 02:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu [2009-07-27 02:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN [2009-07-21 01:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft [2009-07-20 18:33:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-01 14:03:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
Psycholandia komentarz 1 października 2009 komentarz 1 października 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O32 - AutoRun File - [2009-10-01 14:52:06 | 00,000,035 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\Shell - "" = AutoRun O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell - "" = AutoRun O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\Shell - "" = AutoRun :Files C:\Program Files\MyGlobalSearch C:\Program Files\DAEMON Tools Toolbar :Commands [emptytemp] [start explorer] [Reboot][/code] Daj loga powstałego po usuwaniu + nowego. Odinstaluj Bearshare, bo to siedzisko wirusów. Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware) 1
skur3byk komentarz 1 października 2009 Autor komentarz 1 października 2009 (edytowane) Log po kasowaniu: [log]All processes killed ========== PROCESSES ========== Process explorer.exe killed successfully! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully. C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL unregistered successfully. C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. LoadLibrary failed for C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll NOT unregistered. C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{37B85A29-692B-4205-9CAD-2626E4993404} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ not found. File C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL not found. Registry value HKEY_USERS\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. File F:\autorun.inf not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32d13814-8e6e-11de-8263-0021855aba8e}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5514b5bc-7aa1-11de-821c-0021855aba8e}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a964ec2-755a-11de-b856-806d6172696f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89e7171e-7a40-11de-8216-0021855aba8e}\ not found. ========== FILES ========== C:\Program Files\MyGlobalSearch\bar\Settings moved successfully. C:\Program Files\MyGlobalSearch\bar\History moved successfully. C:\Program Files\MyGlobalSearch\bar\Cache moved successfully. C:\Program Files\MyGlobalSearch\bar\1.bin moved successfully. C:\Program Files\MyGlobalSearch\bar moved successfully. C:\Program Files\MyGlobalSearch moved successfully. C:\Program Files\DAEMON Tools Toolbar\Resources moved successfully. C:\Program Files\DAEMON Tools Toolbar moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 33170 bytes User: Marcin File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\etilqs_GkdvR2kcGdldKWPEAKRv scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\~DF1E81.tmp scheduled to be deleted on reboot. ->Temp folder emptied: 1064681 bytes File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 33302 bytes File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\XUL.mfl scheduled to be deleted on reboot. ->FireFox cache emptied: 100694253 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2352022 bytes %systemroot%\System32 .tmp files removed: 2372132 bytes File delete failed. C:\WINDOWS\temp\13faa14c-5a31-4bbd-aa99-1e478ea02bf9.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\154e8c05-3059-42ba-b985-bb7758e7589a.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\1b6815bf-6289-46d8-8418-47e827f41e61.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\1e1f2d3f-099a-4c73-bb60-681958961e2a.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\32b7f8f6-2ab3-489b-af8f-c9fa3ba7c76d.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\5df8c478-40aa-48fc-b975-189afe83927f.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\6426e87d-613c-49b6-a17f-768c83651fc2.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\77d44f94-545b-4516-85e5-eec80bc3481e.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\8855d785-0d2b-4f0d-8f16-cb7c2c49162e.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\a2b1ef22-36a4-49bc-af9c-753c632a10dc.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\a8b05cbb-663f-4a86-b96b-e86405186c78.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\f4d2d6e4-9b44-4dd7-b653-81d472486a06.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\fba6a1b0-b28f-48aa-802d-c97a0cd994ec.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\ZLT076d6.TMP scheduled to be deleted on reboot. Windows Temp folder emptied: 170078 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 101,84 mb OTL by OldTimer - Version 3.0.17.0 log created on 10012009_155308 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\etilqs_GkdvR2kcGdldKWPEAKRv not found! C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\~DF1E81.tmp moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\XUL.mfl moved successfully. C:\WINDOWS\temp\13faa14c-5a31-4bbd-aa99-1e478ea02bf9.tmp moved successfully. C:\WINDOWS\temp\154e8c05-3059-42ba-b985-bb7758e7589a.tmp moved successfully. C:\WINDOWS\temp\1b6815bf-6289-46d8-8418-47e827f41e61.tmp moved successfully. C:\WINDOWS\temp\1e1f2d3f-099a-4c73-bb60-681958961e2a.tmp moved successfully. C:\WINDOWS\temp\32b7f8f6-2ab3-489b-af8f-c9fa3ba7c76d.tmp moved successfully. C:\WINDOWS\temp\5df8c478-40aa-48fc-b975-189afe83927f.tmp moved successfully. C:\WINDOWS\temp\6426e87d-613c-49b6-a17f-768c83651fc2.tmp moved successfully. C:\WINDOWS\temp\77d44f94-545b-4516-85e5-eec80bc3481e.tmp moved successfully. C:\WINDOWS\temp\8855d785-0d2b-4f0d-8f16-cb7c2c49162e.tmp moved successfully. C:\WINDOWS\temp\a2b1ef22-36a4-49bc-af9c-753c632a10dc.tmp moved successfully. C:\WINDOWS\temp\a8b05cbb-663f-4a86-b96b-e86405186c78.tmp moved successfully. C:\WINDOWS\temp\f4d2d6e4-9b44-4dd7-b653-81d472486a06.tmp moved successfully. C:\WINDOWS\temp\fba6a1b0-b28f-48aa-802d-c97a0cd994ec.tmp moved successfully. File\Folder C:\WINDOWS\temp\ZLT076d6.TMP not found! Registry entries deleted on Reboot... [/log] Nowy log: [log]OTL logfile created on: 2009-10-01 15:57:38 - Run 2 OTL by OldTimer - Version 3.0.17.0 Folder = C:\Documents and Settings\Marcin\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 30,64 Gb Free Space | 78,44% Space Free | Partition Type: NTFS Drive D: | 259,02 Gb Total Space | 163,79 Gb Free Space | 63,23% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BUDZEN-B8FC99C2 Current User Name: Marcin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-04-14 21:51:32 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe PRC - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe PRC - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-08-12 12:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe PRC - [2009-08-12 12:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2009-08-12 12:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009-08-12 12:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe PRC - [2008-04-14 21:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2008-02-13 08:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-08-29 17:47:21 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2008-11-13 15:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2009-04-22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2002-07-11 14:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2005-10-08 16:27:48 | 00,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2004-06-16 06:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2005-07-22 15:02:46 | 00,159,744 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe PRC - [2009-06-04 22:56:22 | 00,869,888 | ---- | M] () -- C:\Program Files\ALLPlayer\ALLUpdate.exe PRC - [2007-06-01 10:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2008-01-10 12:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe PRC - [2007-06-01 10:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009-04-22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe PRC - [2009-09-14 17:01:07 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-07-02 12:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running]) SRV - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running]) SRV - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8 [Auto | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS [Auto | Running]) SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc [Auto | Running]) SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running]) SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-07-02 19:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2009-07-21 01:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running]) DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwdx [On_Demand | Running]) DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwfd [On_Demand | Stopped]) DRV - [2009-08-12 12:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running]) DRV - [2009-08-12 12:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running]) DRV - [2009-07-27 00:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running]) DRV - [2009-07-27 00:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running]) DRV - [2007-09-06 15:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\System32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1 [On_Demand | Stopped]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2007-07-09 14:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys -- (GT72NDISIPXP [On_Demand | Running]) DRV - [2007-06-26 13:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gt72ubus.sys -- (GT72UBUS [On_Demand | Running]) DRV - [2007-03-30 13:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gtptser.sys -- (GTPTSER [On_Demand | Running]) DRV - [2008-04-13 21:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2008-02-14 11:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2009-07-21 01:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running]) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2005-08-12 10:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\System32\Drivers\Razerlow.sys -- (Razerlow [On_Demand | Stopped]) DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2009-07-27 02:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-04-21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running]) DRV - [2008-11-13 15:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "google.com" FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 14:03:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 17:01:08 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 19:06:59 | 00,000,000 | ---D | M] [2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions [2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-30 14:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions [2009-07-27 15:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2009-07-27 02:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml [2009-07-27 00:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-14 17:01:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-09-14 17:01:07 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-14 17:01:07 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-09-30 19:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll [2009-09-14 17:01:07 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe (HP) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe () O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: internet ([]about in Internet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.158.199.1 213.158.199.5 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-20 18:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-01 15:53:08 | 00,000,000 | ---D | C] -- C:\_OTL [2009-10-01 14:54:33 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx [2009-10-01 14:53:08 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [2009-09-30 19:06:55 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare [2009-09-27 22:46:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\NFS SHIFT [2009-09-27 22:24:08 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk [2009-09-27 17:18:02 | 04,625,720 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf [2009-09-26 13:20:09 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk [2009-09-26 01:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2009-09-26 00:38:10 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2009-09-26 00:38:10 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2009-09-26 00:38:10 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2009-09-26 00:38:10 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2009-09-26 00:38:10 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2009-09-26 00:38:10 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2009-09-26 00:38:10 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2009-09-25 23:58:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\Eidos [2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2009-09-25 23:57:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009-09-24 16:35:36 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk [2009-09-19 16:18:11 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2009-09-18 14:02:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2009-09-18 14:02:05 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-09-17 01:08:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474 [2009-09-17 01:08:02 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2009-09-17 01:08:02 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe [2009-09-17 01:08:02 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll [2009-09-17 01:08:02 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll [2009-09-17 01:08:02 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll [2009-09-17 01:08:02 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe [2009-09-17 01:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009-09-16 03:02:24 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll [2009-09-16 03:02:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates [2009-09-16 03:02:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll [2009-09-16 03:01:57 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schannel.dll [2009-09-16 03:01:49 | 00,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll [2009-09-16 03:01:27 | 00,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys [2009-09-16 03:01:23 | 00,456,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys [2009-09-16 03:01:20 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys [2009-09-16 03:00:50 | 00,361,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys [2009-09-16 03:00:50 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys [2009-09-16 03:00:50 | 00,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys [2009-09-16 03:00:37 | 01,845,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2009-09-14 20:55:44 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009-09-14 20:55:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009-09-14 17:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009-09-07 00:08:11 | 00,010,464 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx [2009-09-04 22:13:24 | 00,733,695 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg [2009-08-07 19:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-08-03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009-07-27 03:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-27 02:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-07-27 02:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-27 02:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-07-27 02:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-27 02:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-07-27 02:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-07-27 02:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-07-21 01:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-07-21 01:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2001-07-21 23:16:20 | 00,000,691 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-10-01 15:54:35 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2009-10-01 15:54:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-01 15:54:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-01 15:54:24 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2009-10-01 15:13:45 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-10-01 14:54:33 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe [2009-10-01 13:33:12 | 42,040,164 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009-10-01 13:33:12 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009-10-01 13:33:12 | 00,002,202 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009-09-30 18:32:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2009-09-28 15:13:20 | 00,010,464 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx [2009-09-27 23:13:21 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-27 22:24:08 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk [2009-09-27 17:18:02 | 04,625,720 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf [2009-09-26 13:20:09 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk [2009-09-25 03:07:24 | 04,769,144 | -H-- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-24 16:35:36 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk [2009-09-21 13:38:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-18 21:29:10 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-09-18 21:29:10 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-09-18 21:29:10 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-09-18 21:29:10 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-09-18 21:29:10 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-09-18 21:24:50 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-18 20:31:17 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-09-18 14:06:44 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-17 21:16:03 | 00,000,691 | ---- | M] () -- C:\WINDOWS\win.ini [2009-09-04 22:13:24 | 00,733,695 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg [2009-09-04 17:44:40 | 00,515,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2009-09-04 17:44:40 | 00,238,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2009-09-04 17:44:40 | 00,069,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2009-09-04 17:29:34 | 00,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2009-09-04 17:29:34 | 00,235,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2009-09-04 17:29:32 | 05,501,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2009-09-04 17:29:32 | 01,974,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2009-09-04 17:29:30 | 01,892,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [color=#E56717]========== LOP Check ==========[/color] [2009-08-31 15:06:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-07-27 02:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2009-07-27 02:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-10-01 15:17:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink [2009-07-21 01:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages [2009-08-28 21:55:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji [2009-08-24 20:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ahead [2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI [2009-09-21 14:00:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics [2009-08-10 12:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite [2009-10-01 13:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\dvdcss [2009-07-27 02:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu [2009-07-27 02:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN [2009-07-21 01:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-01 15:54:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] Log malware: [log]Malwarebytes' Anti-Malware 1.41 Wersja bazy definicji: 2883 Windows 5.1.2600 Dodatek Service Pack 3 2009-10-01 16:29:06 mbam-log-2009-10-01 (16-29-06).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 130607 Upłynęło: 8 minute(s), 42 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 3 Zainfekowane wartości rejestru: 0 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: (Nie wykryto groźnych plików) Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików) [/log] Bearshare usuniety - na bank jego wina bo wczoraj ściągnąłem dla jednej piosenki a dzisiaj się zaczęło;) Zrobiłem wszystko jak mówiłaś i wszystko działa elegancko, także dzięki wielkie za pomoc. Tak swoją drogą: masz chłopaka ? Pzdr [color="#FF0000"]//Cieszę się, że pomogło, a tak swoją drogą, jestem zajęta [/color]
MarekM25 komentarz 1 października 2009 komentarz 1 października 2009 Uruchom otl i wybierz opcję CleanUp i to wszystko.
skur3byk komentarz 27 listopada 2009 Autor komentarz 27 listopada 2009 Cześć, odświeżam temat bo mam podobny problem znowu. Tym razem komputer reaguję jakby był cały czas wciśnięty dolny kursor klawiatury co skutecznie uniemożliwia normalne korzystanie z komputera. Znowu nie wina klawiatury a antywirus ani ten malware wcześniej polecony nic nie pokazują. Wklejam jak wcześniej log z OTL i liczę na pomoc. Z góry dzięki:) [log]OTL logfile created on: 2009-11-27 14:36:31 - Run 3 OTL by OldTimer - Version 3.1.11.0 Folder = D:\downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 30,34 Gb Free Space | 77,67% Space Free | Partition Type: NTFS Drive D: | 259,02 Gb Total Space | 128,32 Gb Free Space | 49,54% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BUDZEN-B8FC99C2 Current User Name: Marcin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 14 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2009-11-27 14:25:26 | 00,532,992 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe PRC - [2009-11-25 23:47:14 | 02,029,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2009-11-11 23:04:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-08-12 11:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2009-08-12 11:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe PRC - [2009-08-12 11:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009-08-12 11:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2009-08-12 11:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe PRC - [2009-08-12 11:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe PRC - [2009-08-12 11:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2009-07-13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2009-07-13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2009-04-22 16:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-22 16:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008-11-13 14:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2008-11-13 14:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2008-04-14 20:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 20:51:50 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 20:51:44 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 20:51:44 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - 1700 -- C:\WINDOWS\system32\svchost.exe PRC - 1620 -- C:\WINDOWS\system32\svchost.exe PRC - 1504 -- C:\WINDOWS\system32\svchost.exe PRC - 1372 -- C:\WINDOWS\system32\svchost.exe PRC - 1280 -- C:\WINDOWS\system32\svchost.exe PRC - [2008-04-14 20:51:40 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 20:51:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 20:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 20:51:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 20:51:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 20:51:04 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-02-13 07:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2008-01-10 11:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe PRC - [2007-12-14 00:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe PRC - [2007-11-05 13:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe PRC - [2007-07-25 14:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2007-06-01 09:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-06-01 09:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-10-26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2004-06-16 05:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2002-07-11 13:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2009-11-27 14:25:26 | 00,532,992 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe MOD - [2008-04-14 20:51:58 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 20:50:58 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 20:50:58 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 20:50:58 | 00,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 20:50:58 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 20:50:58 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 20:50:48 | 08,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 20:50:48 | 00,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 20:50:48 | 00,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 20:50:46 | 01,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 20:50:46 | 00,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 20:50:46 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 20:50:46 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 20:50:46 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 20:50:46 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 20:50:40 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 20:50:40 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2008-04-14 20:50:38 | 00,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 20:50:36 | 01,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 20:50:34 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 20:50:32 | 00,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 20:50:32 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 20:50:00 | 00,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 20:49:16 | 00,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 20:43:00 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-14 20:29:10 | 01,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-08-12 11:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2009-08-12 11:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8) SRV - [2009-08-12 11:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc) SRV - [2009-07-13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2009-07-02 11:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008-11-13 14:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2007-12-14 00:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS) SRV - [2007-11-05 13:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc) SRV - [2007-07-25 14:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2006-12-01 10:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) SRV - [2006-10-26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2006-10-26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-12 11:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2009-08-12 11:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2009-07-27 01:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-07-26 23:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2009-07-26 23:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2009-07-26 23:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd) DRV - [2009-07-26 23:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx) DRV - [2009-07-21 00:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-07-21 00:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-07-02 18:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-03-19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2008-11-13 14:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008-04-21 06:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan) DRV - [2008-04-13 20:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008-04-13 20:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-02-14 10:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-01-03 15:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-09-06 14:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1) DRV - [2007-07-09 13:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV - [2007-06-26 12:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS) DRV - [2007-03-30 12:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER) DRV - [2005-08-12 09:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "google.com" FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 13:03:47 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-11 23:04:44 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-11 23:04:44 | 00,000,000 | ---D | M] [2009-07-26 23:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Extensions [2009-11-26 21:48:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\extensions [2009-07-27 14:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2009-07-27 01:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml [2009-07-26 23:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-09-30 18:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll [2006-10-26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL [2009-11-11 23:04:42 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-11-11 23:04:42 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-11-11 23:04:42 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-11-11 23:04:42 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-11-11 23:04:42 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-11-11 23:04:42 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..Trusted Domains: internet ([]about in Internet) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-20 17:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{9855b124-cdf7-11de-8322-00f1d000f1d0}\Shell - "" = AutoRun O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2009-11-27 13:59:03 | 00,000,000 | ---D | C] -- C:\$WIN_NT$.~BT [2009-11-27 13:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss [2009-11-20 12:40:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\BioWare [2009-11-16 15:06:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Pulpit\Marcin [2009-11-13 18:51:31 | 00,000,000 | ---D | C] -- C:\Program Files\TP-LINK [2009-11-13 18:50:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK [2009-03-16 13:36:16 | 01,691,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll [2009-03-16 13:35:46 | 00,525,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe [2009-03-16 13:35:34 | 00,094,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll [4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2009-11-27 14:32:30 | 04,456,448 | ---- | M] () -- C:\Documents and Settings\Marcin\NTUSER.DAT [2009-11-27 14:22:21 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2009-11-27 14:22:06 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-11-27 14:21:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-27 14:21:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-27 14:21:36 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2009-11-27 14:21:34 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-11-27 14:20:34 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Marcin\ntuser.ini [2009-11-27 13:59:51 | 00,000,280 | RHS- | M] () -- C:\boot.ini [2009-11-27 13:56:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-27 12:13:16 | 45,814,706 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009-11-27 12:13:16 | 00,105,755 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009-11-26 00:12:21 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-20 13:34:35 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do DAOriginsLauncher.exe.lnk [2009-11-18 10:15:09 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2009-11-18 02:56:23 | 00,010,035 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\reading.docx [2009-11-18 02:56:20 | 00,013,459 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Vocabulary.docx [2009-11-17 23:59:00 | 00,015,613 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Cloze.docx [2009-11-13 18:52:31 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-11-13 18:52:31 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-11-13 18:52:31 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-11-13 18:52:31 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-11-13 18:52:31 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-27 13:59:51 | 00,000,211 | -HS- | C] () -- C:\BOOT.BAK [2009-11-27 13:59:13 | 00,441,248 | R--- | C] () -- C:\txtsetup.sif [2009-11-27 13:59:13 | 00,262,416 | R--- | C] () -- C:\$LDR$ [2009-11-20 13:34:35 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do DAOriginsLauncher.exe.lnk [2009-11-18 00:07:49 | 00,010,035 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\reading.docx [2009-11-17 23:31:24 | 00,015,613 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Cloze.docx [2009-11-17 23:21:58 | 00,013,459 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Vocabulary.docx [2009-08-07 18:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-08-02 23:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009-07-29 19:32:05 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-27 02:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-27 01:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-07-27 01:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-27 01:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-07-27 01:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-27 01:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-07-27 01:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-07-27 01:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-07-21 00:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-07-21 00:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-03-16 13:36:48 | 13,264,160 | ---- | C] () -- C:\Program Files\dxnt.cab [2009-03-16 13:36:48 | 04,162,622 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab [2009-03-16 13:36:48 | 01,973,694 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab [2009-03-16 13:36:48 | 01,906,870 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab [2009-03-16 13:36:48 | 01,800,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab [2009-03-16 13:36:48 | 01,794,076 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab [2009-03-16 13:36:46 | 01,802,050 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab [2009-03-16 13:36:46 | 01,792,600 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab [2009-03-16 13:36:46 | 01,769,854 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab [2009-03-16 13:36:44 | 01,709,352 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab [2009-03-16 13:36:44 | 01,155,483 | ---- | C] () -- C:\Program Files\BDANT.cab [2009-03-16 13:36:44 | 01,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab [2009-03-16 13:36:44 | 01,084,712 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab [2009-03-16 13:36:42 | 01,350,534 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab [2009-03-16 13:36:42 | 01,127,209 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab [2009-03-16 13:36:42 | 01,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab [2009-03-16 13:36:42 | 01,078,954 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab [2009-03-16 13:36:42 | 01,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab [2009-03-16 13:36:42 | 01,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab [2009-03-16 13:36:42 | 01,064,917 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab [2009-03-16 13:36:42 | 01,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab [2009-03-16 13:36:42 | 01,013,217 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab [2009-03-16 13:36:42 | 00,994,146 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab [2009-03-16 13:36:40 | 01,607,766 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab [2009-03-16 13:36:40 | 01,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab [2009-03-16 13:36:40 | 01,347,346 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab [2009-03-16 13:36:38 | 01,708,144 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab [2009-03-16 13:36:38 | 01,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab [2009-03-16 13:36:38 | 01,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab [2009-03-16 13:36:38 | 01,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab [2009-03-16 13:36:38 | 01,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab [2009-03-16 13:36:38 | 01,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab [2009-03-16 13:36:38 | 01,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab [2009-03-16 13:36:38 | 01,464,664 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab [2009-03-16 13:36:38 | 01,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab [2009-03-16 13:36:38 | 01,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab [2009-03-16 13:36:38 | 01,412,894 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab [2009-03-16 13:36:38 | 01,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab [2009-03-16 13:36:38 | 01,362,788 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab [2009-03-16 13:36:38 | 01,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab [2009-03-16 13:36:38 | 01,335,994 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab [2009-03-16 13:36:38 | 01,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab [2009-03-16 13:36:38 | 00,975,148 | ---- | C] () -- C:\Program Files\BDAXP.cab [2009-03-16 13:36:38 | 00,965,413 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab [2009-03-16 13:36:38 | 00,916,422 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab [2009-03-16 13:36:38 | 00,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab [2009-03-16 13:36:38 | 00,867,604 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab [2009-03-16 13:36:36 | 00,864,592 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab [2009-03-16 13:36:36 | 00,852,278 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab [2009-03-16 13:36:36 | 00,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab [2009-03-16 13:36:36 | 00,849,159 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab [2009-03-16 13:36:34 | 00,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab [2009-03-16 13:36:34 | 00,818,252 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab [2009-03-16 13:36:34 | 00,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab [2009-03-16 13:36:34 | 00,796,859 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab [2009-03-16 13:36:34 | 00,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab [2009-03-16 13:36:34 | 00,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab [2009-03-16 13:36:34 | 00,273,990 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab [2009-03-16 13:36:32 | 00,699,036 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab [2009-03-16 13:36:32 | 00,695,857 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab [2009-03-16 13:36:32 | 00,273,203 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab [2009-03-16 13:36:32 | 00,271,360 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab [2009-03-16 13:36:32 | 00,269,842 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab [2009-03-16 13:36:32 | 00,269,620 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab [2009-03-16 13:36:32 | 00,269,016 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab [2009-03-16 13:36:30 | 00,275,036 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab [2009-03-16 13:36:30 | 00,273,010 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab [2009-03-16 13:36:30 | 00,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab [2009-03-16 13:36:30 | 00,226,242 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab [2009-03-16 13:36:30 | 00,212,799 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab [2009-03-16 13:36:30 | 00,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab [2009-03-16 13:36:28 | 00,198,088 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab [2009-03-16 13:36:28 | 00,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab [2009-03-16 13:36:28 | 00,196,754 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab [2009-03-16 13:36:28 | 00,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab [2009-03-16 13:36:28 | 00,180,777 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab [2009-03-16 13:36:28 | 00,179,125 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab [2009-03-16 13:36:28 | 00,178,351 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab [2009-03-16 13:36:26 | 00,195,758 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab [2009-03-16 13:36:26 | 00,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab [2009-03-16 13:36:26 | 00,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab [2009-03-16 13:36:26 | 00,182,895 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab [2009-03-16 13:36:26 | 00,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab [2009-03-16 13:36:24 | 00,153,004 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab [2009-03-16 13:36:24 | 00,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab [2009-03-16 13:36:24 | 00,147,975 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab [2009-03-16 13:36:22 | 00,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab [2009-03-16 13:36:22 | 00,145,591 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab [2009-03-16 13:36:22 | 00,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab [2009-03-16 13:36:22 | 00,137,227 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab [2009-03-16 13:36:20 | 00,133,663 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab [2009-03-16 13:36:20 | 00,133,095 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab [2009-03-16 13:36:20 | 00,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab [2009-03-16 13:36:20 | 00,122,328 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab [2009-03-16 13:36:20 | 00,121,824 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab [2009-03-16 13:36:20 | 00,121,746 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab [2009-03-16 13:36:20 | 00,121,498 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab [2009-03-16 13:36:20 | 00,121,046 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab [2009-03-16 13:36:20 | 00,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab [2009-03-16 13:36:20 | 00,093,726 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab [2009-03-16 13:36:20 | 00,093,120 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab [2009-03-16 13:36:20 | 00,093,004 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab [2009-03-16 13:36:18 | 00,095,296 | ---- | C] () -- C:\Program Files\dxupdate.cab [2009-03-16 13:36:18 | 00,092,688 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab [2009-03-16 13:36:16 | 00,092,732 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab [2009-03-16 13:36:16 | 00,087,134 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab [2009-03-16 13:36:16 | 00,087,093 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab [2009-03-16 13:36:16 | 00,086,029 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab [2009-03-16 13:36:14 | 00,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab [2009-03-16 13:36:14 | 00,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab [2009-03-16 13:36:14 | 00,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab [2009-03-16 13:36:12 | 00,055,110 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab [2009-03-16 13:36:12 | 00,054,592 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab [2009-03-16 13:36:12 | 00,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab [2009-03-16 13:36:12 | 00,046,050 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab [2009-03-16 13:36:12 | 00,046,002 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab [2009-03-16 13:36:12 | 00,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab [2009-03-16 13:36:12 | 00,044,444 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab [2009-03-16 13:36:12 | 00,021,897 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 00,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 00,021,836 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 00,018,488 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab [2009-03-16 13:36:10 | 00,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab [color=#E56717]========== LOP Check ==========[/color] [2009-07-27 00:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2009-07-27 01:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-07-21 00:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages [2009-11-13 18:51:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK [2009-07-27 01:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-07-27 00:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI [2009-11-26 21:34:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics [2009-08-10 11:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite [2009-07-27 01:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu [2009-07-27 01:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN [2009-07-21 00:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log]
Psycholandia komentarz 27 listopada 2009 komentarz 27 listopada 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O33 - MountPoints2\{9855b124-cdf7-11de-8322-00f1d000f1d0}\Shell - "" = AutoRun O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found :Commands [emptytemp] [start explorer] [Reboot][/code] Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
skur3byk komentarz 27 listopada 2009 Autor komentarz 27 listopada 2009 Niestety tym razem nie pomogło:( [ściągnąłem aktualizację do malware] [log]Malwarebytes' Anti-Malware 1.41 Wersja bazy definicji: 3242 Windows 5.1.2600 Dodatek Service Pack 3 2009-11-27 15:29:25 mbam-log-2009-11-27 (15-29-25).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 152765 Upłynęło: 10 minute(s), 28 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 0 Zainfekowane wartości rejestru: 0 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: (Nie wykryto groźnych plików) Zainfekowane wartości rejestru: (Nie wykryto groźnych plików) Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików) [/log]
Psycholandia komentarz 27 listopada 2009 komentarz 27 listopada 2009 Dziwna sprawa, bo w logu nic takiego nie ma, jakby to nie była wina infekcji. Pobierz Dr.Web LiveCD: http://www.freedrweb.pl/livecd.php wypal na płytę, reset, F11, uruchom z płyty kompa i zeskanuj, usuwając wszystko co znajdzie.
skur3byk komentarz 27 listopada 2009 Autor komentarz 27 listopada 2009 Zrobiłem jak kazałaś ale nic specjalnego nie znalazł ten dr.web. Problem dalej istnieje więc może to nie infekcja? Ale nie wiem co to by miało być, nie podłączałem ostatnio żadnych nowych kontrolerów ani sprzętów.
Psycholandia komentarz 27 listopada 2009 komentarz 27 listopada 2009 Skoro wykasowałeś wszystko co podałam wyżej + wszystko ze skanu Dr. Web to prawdopodobnie nie infekcja. Musisz napisać o tym w innym dziale.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.