x-kom hosting

wciśniety przycisk - nie wina klawiatury

skur3byk
utworzono
utworzono

Witam,

mam następujący problem: otóż komputer reaguję cały czas jakby wciśnięty był klawisz "-", czyli wszelkie przeglądarki przy wpisywaniu lub google itp. od razu wpisują "-------------" bez końca; nie jest to wina klawiatury bo po odłączeniu jest tak samo; sprawdziłem komputer AVG i wykryło 2 trojany i ponoć wyleczyło ale problem dalej istnieje; proszę o pomoc bo nie wiem co mógłbym zrobić.

Pozdrawiam i z góry dzięki za pomoc.

Psycholandia
komentarz
komentarz

Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338

skur3byk
komentarz
komentarz (edytowane)

Log :

[log]OTL logfile created on: 2009-10-01 14:59:26 - Run 1
OTL by OldTimer - Version 3.0.17.0 Folder = C:\Documents and Settings\Marcin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 30,61 Gb Free Space | 78,36% Space Free | Partition Type: NTFS
Drive D: | 259,02 Gb Total Space | 168,15 Gb Free Space | 64,92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 896,29 Mb Total Space | 810,48 Mb Free Space | 90,43% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BUDZEN-B8FC99C2
Current User Name: Marcin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe
PRC - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
PRC - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-12 12:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009-08-12 12:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-12 12:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-12 12:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2008-04-14 21:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2008-02-13 08:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-08-29 17:47:21 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008-11-13 15:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009-04-22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2002-07-11 14:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2005-10-08 16:27:48 | 00,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe
PRC - [2005-07-22 15:02:46 | 00,159,744 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2004-06-16 06:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2007-06-01 10:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008-01-10 12:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe
PRC - [2007-06-01 10:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-04-22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009-07-13 14:02:56 | 14,074,656 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2009-07-02 12:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8 [Auto | Running])
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS [Auto | Running])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc [Auto | Running])
SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-02 19:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009-07-21 01:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwdx [On_Demand | Running])
DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwfd [On_Demand | Stopped])
DRV - [2009-08-12 12:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009-08-12 12:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009-07-27 00:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running])
DRV - [2009-07-27 00:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2007-09-06 15:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\System32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1 [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2007-07-09 14:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys -- (GT72NDISIPXP [On_Demand | Stopped])
DRV - [2007-06-26 13:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gt72ubus.sys -- (GT72UBUS [On_Demand | Stopped])
DRV - [2007-03-30 13:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gtptser.sys -- (GTPTSER [On_Demand | Stopped])
DRV - [2008-04-13 21:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-02-14 11:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-07-21 01:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005-08-12 10:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\System32\Drivers\Razerlow.sys -- (Razerlow [On_Demand | Stopped])
DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-07-27 02:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2008-04-21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
DRV - [2008-11-13 15:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 14:03:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 17:01:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 19:06:59 | 00,000,000 | ---D | M]

[2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions
[2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-30 14:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions
[2009-07-27 15:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009-07-27 02:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml
[2009-07-27 00:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-14 17:01:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-09-14 17:01:07 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-14 17:01:07 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-09-30 19:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
[2009-09-14 17:01:07 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..Trusted Domains: internet ([]about in Internet)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-20 18:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-10-01 14:52:06 | 00,000,035 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\Shell - "" = AutoRun
O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell - "" = AutoRun
O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found
O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\Shell - "" = AutoRun
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-10-01 14:54:33 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2009-10-01 14:53:08 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe
[2009-09-30 19:06:59 | 00,000,000 | ---D | C] -- C:\Program Files\MyGlobalSearch
[2009-09-30 19:06:55 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare
[2009-09-27 22:46:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\NFS SHIFT
[2009-09-27 22:24:08 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk
[2009-09-27 17:18:02 | 04,625,720 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf
[2009-09-26 13:20:09 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk
[2009-09-26 01:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009-09-26 00:38:10 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009-09-26 00:38:10 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009-09-26 00:38:10 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009-09-26 00:38:10 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009-09-26 00:38:10 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009-09-26 00:38:10 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009-09-26 00:38:10 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009-09-25 23:58:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\Eidos
[2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009-09-25 23:57:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009-09-24 16:35:36 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk
[2009-09-19 16:18:11 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009-09-18 14:02:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009-09-18 14:02:05 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009-09-17 01:08:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009-09-17 01:08:02 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2009-09-17 01:08:02 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2009-09-17 01:08:02 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2009-09-17 01:08:02 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll
[2009-09-17 01:08:02 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll
[2009-09-17 01:08:02 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe
[2009-09-17 01:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009-09-16 03:02:24 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009-09-16 03:02:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009-09-16 03:02:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll
[2009-09-16 03:01:57 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schannel.dll
[2009-09-16 03:01:49 | 00,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2009-09-16 03:01:27 | 00,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2009-09-16 03:01:23 | 00,456,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2009-09-16 03:01:20 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys
[2009-09-16 03:00:50 | 00,361,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[2009-09-16 03:00:50 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2009-09-16 03:00:50 | 00,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys
[2009-09-16 03:00:37 | 01,845,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2009-09-14 20:55:44 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009-09-14 20:55:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009-09-14 17:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009-09-07 00:08:11 | 00,010,464 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx
[2009-09-04 22:13:24 | 00,733,695 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg
[2009-08-07 19:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-27 03:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-07-27 02:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009-07-27 02:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-27 02:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-07-27 02:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-27 02:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-07-27 02:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-07-27 02:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-21 01:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-07-21 01:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2001-07-21 23:16:20 | 00,000,691 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-10-01 14:54:33 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe
[2009-10-01 14:08:41 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-01 14:03:46 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009-10-01 14:03:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-01 14:03:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-01 14:03:36 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-10-01 13:33:12 | 42,040,164 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-10-01 13:33:12 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-10-01 13:33:12 | 00,002,202 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-09-30 18:32:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2009-09-28 15:13:20 | 00,010,464 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx
[2009-09-27 23:13:21 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-27 22:24:08 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk
[2009-09-27 17:18:02 | 04,625,720 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf
[2009-09-26 13:20:09 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk
[2009-09-25 03:07:24 | 04,769,144 | -H-- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-24 16:35:36 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk
[2009-09-21 13:38:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-18 21:29:10 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-09-18 21:29:10 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-09-18 21:29:10 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-09-18 21:29:10 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-09-18 21:29:10 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-09-18 21:24:50 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-09-18 20:31:17 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-09-18 14:06:44 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-17 21:16:03 | 00,000,691 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-04 22:13:24 | 00,733,695 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg
[2009-09-04 17:44:40 | 00,515,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009-09-04 17:44:40 | 00,238,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009-09-04 17:44:40 | 00,069,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009-09-04 17:29:34 | 00,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009-09-04 17:29:34 | 00,235,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009-09-04 17:29:32 | 05,501,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009-09-04 17:29:32 | 01,974,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009-09-04 17:29:30 | 01,892,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-08-31 15:06:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-07-27 02:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2009-07-27 02:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-24 23:39:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink
[2009-07-21 01:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2009-07-20 20:23:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-07-20 18:34:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-08-28 21:55:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji
[2009-08-24 20:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ahead
[2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI
[2009-09-21 14:00:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics
[2009-08-10 12:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite
[2009-10-01 13:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\dvdcss
[2009-07-27 02:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu
[2009-07-27 02:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN
[2009-07-21 01:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft
[2009-07-20 18:33:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-01 14:03:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O32 - AutoRun File - [2009-10-01 14:52:06 | 00,000,035 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\Shell - "" = AutoRun
O33 - MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\Shell - "" = AutoRun
O33 - MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\Shell - "" = AutoRun

:Files
C:\Program Files\MyGlobalSearch
C:\Program Files\DAEMON Tools Toolbar

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Daj loga powstałego po usuwaniu + nowego.
Odinstaluj Bearshare, bo to siedzisko wirusów.

Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

  • Dobra wypowiedź 1
skur3byk
komentarz
komentarz (edytowane)

Log po kasowaniu:
[log]All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL unregistered successfully.
C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
LoadLibrary failed for C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll NOT unregistered.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{37B85A29-692B-4205-9CAD-2626E4993404} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ not found.
File C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL not found.
Registry value HKEY_USERS\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
File F:\autorun.inf not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32d13814-8e6e-11de-8263-0021855aba8e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32d13814-8e6e-11de-8263-0021855aba8e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5514b5bc-7aa1-11de-821c-0021855aba8e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5514b5bc-7aa1-11de-821c-0021855aba8e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a964ec2-755a-11de-b856-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a964ec2-755a-11de-b856-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89e7171e-7a40-11de-8216-0021855aba8e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89e7171e-7a40-11de-8216-0021855aba8e}\ not found.
========== FILES ==========
C:\Program Files\MyGlobalSearch\bar\Settings moved successfully.
C:\Program Files\MyGlobalSearch\bar\History moved successfully.
C:\Program Files\MyGlobalSearch\bar\Cache moved successfully.
C:\Program Files\MyGlobalSearch\bar\1.bin moved successfully.
C:\Program Files\MyGlobalSearch\bar moved successfully.
C:\Program Files\MyGlobalSearch moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources moved successfully.
C:\Program Files\DAEMON Tools Toolbar moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Marcin
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\etilqs_GkdvR2kcGdldKWPEAKRv scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\~DF1E81.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 1064681 bytes
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33302 bytes
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\XUL.mfl scheduled to be deleted on reboot.
->FireFox cache emptied: 100694253 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2372132 bytes
File delete failed. C:\WINDOWS\temp\13faa14c-5a31-4bbd-aa99-1e478ea02bf9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\154e8c05-3059-42ba-b985-bb7758e7589a.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\1b6815bf-6289-46d8-8418-47e827f41e61.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\1e1f2d3f-099a-4c73-bb60-681958961e2a.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\32b7f8f6-2ab3-489b-af8f-c9fa3ba7c76d.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\5df8c478-40aa-48fc-b975-189afe83927f.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\6426e87d-613c-49b6-a17f-768c83651fc2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\77d44f94-545b-4516-85e5-eec80bc3481e.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\8855d785-0d2b-4f0d-8f16-cb7c2c49162e.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\a2b1ef22-36a4-49bc-af9c-753c632a10dc.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\a8b05cbb-663f-4a86-b96b-e86405186c78.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\f4d2d6e4-9b44-4dd7-b653-81d472486a06.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\fba6a1b0-b28f-48aa-802d-c97a0cd994ec.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT076d6.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied: 170078 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 101,84 mb


OTL by OldTimer - Version 3.0.17.0 log created on 10012009_155308

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\etilqs_GkdvR2kcGdldKWPEAKRv not found!
C:\Documents and Settings\Marcin\Ustawienia lokalne\Temp\~DF1E81.tmp moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\XUL.mfl moved successfully.
C:\WINDOWS\temp\13faa14c-5a31-4bbd-aa99-1e478ea02bf9.tmp moved successfully.
C:\WINDOWS\temp\154e8c05-3059-42ba-b985-bb7758e7589a.tmp moved successfully.
C:\WINDOWS\temp\1b6815bf-6289-46d8-8418-47e827f41e61.tmp moved successfully.
C:\WINDOWS\temp\1e1f2d3f-099a-4c73-bb60-681958961e2a.tmp moved successfully.
C:\WINDOWS\temp\32b7f8f6-2ab3-489b-af8f-c9fa3ba7c76d.tmp moved successfully.
C:\WINDOWS\temp\5df8c478-40aa-48fc-b975-189afe83927f.tmp moved successfully.
C:\WINDOWS\temp\6426e87d-613c-49b6-a17f-768c83651fc2.tmp moved successfully.
C:\WINDOWS\temp\77d44f94-545b-4516-85e5-eec80bc3481e.tmp moved successfully.
C:\WINDOWS\temp\8855d785-0d2b-4f0d-8f16-cb7c2c49162e.tmp moved successfully.
C:\WINDOWS\temp\a2b1ef22-36a4-49bc-af9c-753c632a10dc.tmp moved successfully.
C:\WINDOWS\temp\a8b05cbb-663f-4a86-b96b-e86405186c78.tmp moved successfully.
C:\WINDOWS\temp\f4d2d6e4-9b44-4dd7-b653-81d472486a06.tmp moved successfully.
C:\WINDOWS\temp\fba6a1b0-b28f-48aa-802d-c97a0cd994ec.tmp moved successfully.
File\Folder C:\WINDOWS\temp\ZLT076d6.TMP not found!

Registry entries deleted on Reboot...
[/log]
Nowy log:
[log]OTL logfile created on: 2009-10-01 15:57:38 - Run 2
OTL by OldTimer - Version 3.0.17.0 Folder = C:\Documents and Settings\Marcin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 30,64 Gb Free Space | 78,44% Space Free | Partition Type: NTFS
Drive D: | 259,02 Gb Total Space | 163,79 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BUDZEN-B8FC99C2
Current User Name: Marcin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
PRC - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-04-14 21:51:32 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe
PRC - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
PRC - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-08-12 12:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-12 12:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-12 12:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-12 12:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2008-04-14 21:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2008-02-13 08:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-08-29 17:47:21 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008-11-13 15:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009-04-22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2002-07-11 14:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2005-10-08 16:27:48 | 00,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2004-06-16 06:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005-07-22 15:02:46 | 00,159,744 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe
PRC - [2009-06-04 22:56:22 | 00,869,888 | ---- | M] () -- C:\Program Files\ALLPlayer\ALLUpdate.exe
PRC - [2007-06-01 10:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008-01-10 12:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe
PRC - [2007-06-01 10:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-04-22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009-09-14 17:01:07 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009-07-02 19:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2009-07-02 12:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009-08-12 12:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009-08-12 12:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009-08-12 12:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8 [Auto | Running])
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007-12-14 01:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS [Auto | Running])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007-11-05 14:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc [Auto | Running])
SRV - [2008-04-14 21:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007-07-25 15:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008-11-13 15:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-02 19:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009-07-21 01:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwdx [On_Demand | Running])
DRV - [2009-07-27 00:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys -- (Avgfwfd [On_Demand | Stopped])
DRV - [2009-08-12 12:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009-08-12 12:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009-07-27 00:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running])
DRV - [2009-07-27 00:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2007-09-06 15:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\System32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1 [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2007-07-09 14:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys -- (GT72NDISIPXP [On_Demand | Running])
DRV - [2007-06-26 13:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gt72ubus.sys -- (GT72UBUS [On_Demand | Running])
DRV - [2007-03-30 13:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\System32\DRIVERS\gtptser.sys -- (GTPTSER [On_Demand | Running])
DRV - [2008-04-13 21:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-02-14 11:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-07-21 01:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005-08-12 10:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\System32\Drivers\Razerlow.sys -- (Razerlow [On_Demand | Stopped])
DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2008-04-13 21:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-07-27 02:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2008-04-21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
DRV - [2008-11-13 15:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 14:03:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 17:01:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 19:06:59 | 00,000,000 | ---D | M]

[2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions
[2009-07-27 00:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-30 14:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions
[2009-07-27 15:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009-07-27 02:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml
[2009-07-27 00:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-14 17:01:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-09-14 17:01:07 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-14 17:01:07 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-09-30 19:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
[2009-09-14 17:01:07 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009-07-27 02:06:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: internet ([]about in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.158.199.1 213.158.199.5
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-20 18:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-01 15:53:08 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-10-01 14:54:33 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2009-10-01 14:53:08 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe
[2009-09-30 19:06:55 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare
[2009-09-27 22:46:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\NFS SHIFT
[2009-09-27 22:24:08 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk
[2009-09-27 17:18:02 | 04,625,720 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf
[2009-09-26 13:20:09 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk
[2009-09-26 01:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2009-09-26 01:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009-09-26 00:38:10 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009-09-26 00:38:10 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009-09-26 00:38:10 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009-09-26 00:38:10 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009-09-26 00:38:10 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009-09-26 00:38:10 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009-09-26 00:38:10 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009-09-25 23:58:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\Eidos
[2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009-09-25 23:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009-09-25 23:57:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009-09-24 16:35:36 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk
[2009-09-19 16:18:11 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009-09-18 14:02:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009-09-18 14:02:05 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009-09-17 01:08:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009-09-17 01:08:02 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2009-09-17 01:08:02 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2009-09-17 01:08:02 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2009-09-17 01:08:02 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll
[2009-09-17 01:08:02 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll
[2009-09-17 01:08:02 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe
[2009-09-17 01:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009-09-16 03:02:24 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009-09-16 03:02:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009-09-16 03:02:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll
[2009-09-16 03:01:57 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schannel.dll
[2009-09-16 03:01:49 | 00,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2009-09-16 03:01:27 | 00,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2009-09-16 03:01:23 | 00,456,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2009-09-16 03:01:20 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys
[2009-09-16 03:00:50 | 00,361,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[2009-09-16 03:00:50 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2009-09-16 03:00:50 | 00,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys
[2009-09-16 03:00:37 | 01,845,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2009-09-14 20:55:44 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009-09-14 20:55:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009-09-14 17:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009-09-07 00:08:11 | 00,010,464 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx
[2009-09-04 22:13:24 | 00,733,695 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg
[2009-08-07 19:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-27 03:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-07-27 02:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009-07-27 02:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-27 02:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-07-27 02:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-27 02:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-07-27 02:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-07-27 02:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-21 01:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-07-21 01:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2001-07-21 23:16:20 | 00,000,691 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-10-01 15:54:35 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009-10-01 15:54:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-01 15:54:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-01 15:54:24 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-10-01 15:13:45 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-01 14:54:33 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2009-10-01 14:51:06 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe
[2009-10-01 13:33:12 | 42,040,164 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-10-01 13:33:12 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-10-01 13:33:12 | 00,002,202 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-09-30 18:32:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2009-09-28 15:13:20 | 00,010,464 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\praca.docx
[2009-09-27 23:13:21 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-27 22:24:08 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\NFS Shift by TPTB.lnk
[2009-09-27 17:18:02 | 04,625,720 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\irb_law_book_2009_en.pdf
[2009-09-26 13:20:09 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do BmStartApp.lnk
[2009-09-25 03:07:24 | 04,769,144 | -H-- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-24 16:35:36 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do downloads.lnk
[2009-09-21 13:38:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-18 21:29:10 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-09-18 21:29:10 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-09-18 21:29:10 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-09-18 21:29:10 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-09-18 21:29:10 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-09-18 21:24:50 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-09-18 20:31:17 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-09-18 14:06:44 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-17 21:16:03 | 00,000,691 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-04 22:13:24 | 00,733,695 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\mapawiatary0.jpg
[2009-09-04 17:44:40 | 00,515,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009-09-04 17:44:40 | 00,238,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009-09-04 17:44:40 | 00,069,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009-09-04 17:29:34 | 00,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009-09-04 17:29:34 | 00,235,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009-09-04 17:29:32 | 05,501,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009-09-04 17:29:32 | 01,974,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009-09-04 17:29:30 | 01,892,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-08-31 15:06:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-07-27 02:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2009-07-27 02:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-10-01 15:17:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink
[2009-07-21 01:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2009-08-28 21:55:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji
[2009-08-24 20:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ahead
[2009-07-27 01:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI
[2009-09-21 14:00:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics
[2009-08-10 12:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite
[2009-10-01 13:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\dvdcss
[2009-07-27 02:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu
[2009-07-27 02:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN
[2009-07-21 01:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-01 15:54:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]
Log malware:
[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2883
Windows 5.1.2600 Dodatek Service Pack 3

2009-10-01 16:29:06
mbam-log-2009-10-01 (16-29-06).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 130607
Upłynęło: 8 minute(s), 42 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 3
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)
[/log]


Bearshare usuniety - na bank jego wina bo wczoraj ściągnąłem dla jednej piosenki a dzisiaj się zaczęło;) Zrobiłem wszystko jak mówiłaś i wszystko działa elegancko, także dzięki wielkie za pomoc. Tak swoją drogą: masz chłopaka ?:D

Pzdr

[color="#FF0000"]//Cieszę się, że pomogło, a tak swoją drogą, jestem zajęta :P[/color]

MarekM25
komentarz
komentarz

Uruchom otl i wybierz opcję CleanUp i to wszystko.

  • 1 miesiąc później...
skur3byk
komentarz
komentarz

Cześć,

odświeżam temat bo mam podobny problem znowu. Tym razem komputer reaguję jakby był cały czas wciśnięty dolny kursor klawiatury co skutecznie uniemożliwia normalne korzystanie z komputera. Znowu nie wina klawiatury a antywirus ani ten malware wcześniej polecony nic nie pokazują. Wklejam jak wcześniej log z OTL i liczę na pomoc.

Z góry dzięki:)

[log]OTL logfile created on: 2009-11-27 14:36:31 - Run 3
OTL by OldTimer - Version 3.1.11.0 Folder = D:\downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 30,34 Gb Free Space | 77,67% Space Free | Partition Type: NTFS
Drive D: | 259,02 Gb Total Space | 128,32 Gb Free Space | 49,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BUDZEN-B8FC99C2
Current User Name: Marcin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2009-11-27 14:25:26 | 00,532,992 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe
PRC - [2009-11-25 23:47:14 | 02,029,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009-11-11 23:04:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-08-12 11:34:17 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-12 11:34:16 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-12 11:34:12 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-12 11:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-08-12 11:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe
PRC - [2009-08-12 11:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-12 11:34:07 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009-07-13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009-07-13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-04-22 16:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 16:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-11-13 14:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2008-11-13 14:18:56 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008-04-14 20:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 20:51:50 | 00,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 20:51:44 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 20:51:44 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - 1700 -- C:\WINDOWS\system32\svchost.exe
PRC - 1620 -- C:\WINDOWS\system32\svchost.exe
PRC - 1504 -- C:\WINDOWS\system32\svchost.exe
PRC - 1372 -- C:\WINDOWS\system32\svchost.exe
PRC - 1280 -- C:\WINDOWS\system32\svchost.exe
PRC - [2008-04-14 20:51:40 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 20:51:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 20:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 20:51:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 20:51:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 20:51:04 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-02-13 07:31:34 | 16,857,600 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008-01-10 11:49:18 | 00,782,336 | ---- | M] (Era) -- C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe
PRC - [2007-12-14 00:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe
PRC - [2007-11-05 13:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
PRC - [2007-07-25 14:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-06-01 09:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-06-01 09:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-10-26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2004-06-16 05:03:04 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2002-07-11 13:54:07 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2009-11-27 14:25:26 | 00,532,992 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe
MOD - [2008-04-14 20:51:58 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 20:50:58 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 20:50:58 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 20:50:58 | 00,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-14 20:50:58 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 20:50:58 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 20:50:48 | 08,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 20:50:48 | 00,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 20:50:48 | 00,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 20:50:46 | 01,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 20:50:46 | 00,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 20:50:46 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 20:50:46 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 20:50:46 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 20:50:46 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 20:50:40 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 20:50:40 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 20:50:38 | 00,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 20:50:36 | 01,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 20:50:34 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 20:50:32 | 00,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 20:50:32 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 20:50:00 | 00,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 20:49:16 | 00,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 20:43:00 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 20:29:10 | 01,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-08-12 11:34:10 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009-08-12 11:34:08 | 01,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8)
SRV - [2009-08-12 11:34:08 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-07-13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009-07-02 18:04:08 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-07-02 11:12:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-11-13 14:18:56 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2007-12-14 00:34:52 | 00,415,768 | ---- | M] (RoseCity Software) -- C:\Program Files\DiskMagik\DiskMgkS.exe -- (DiskMgkS)
SRV - [2007-11-05 13:28:10 | 00,204,915 | ---- | M] (Option) -- C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2007-07-25 14:50:26 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006-12-01 10:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006-10-26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006-10-26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-08-12 11:34:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-12 11:34:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-27 01:16:39 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-07-26 23:29:27 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009-07-26 23:29:26 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-07-26 23:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2009-07-26 23:28:58 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009-07-21 00:30:04 | 00,281,760 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-07-21 00:30:04 | 00,025,888 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-07-02 18:49:32 | 04,125,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-03-19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008-11-13 14:19:00 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008-04-21 06:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2008-04-13 20:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 20:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-14 10:04:06 | 04,676,096 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-01-03 15:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-09-06 14:53:00 | 00,014,848 | ---- | M] (Silicon Laboratories) -- C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1)
DRV - [2007-07-09 13:17:36 | 00,095,744 | ---- | M] (Option NV) -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2007-06-26 12:38:46 | 00,051,968 | ---- | M] (Option N.V.) -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007-03-30 12:38:14 | 00,008,064 | ---- | M] (Option N.V.) -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2005-08-12 09:11:10 | 00,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)
DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\S-1-5-21-1957994488-1770027372-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-18 13:03:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-11 23:04:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-11 23:04:44 | 00,000,000 | ---D | M]

[2009-07-26 23:42:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Extensions
[2009-11-26 21:48:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\extensions
[2009-07-27 14:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009-07-27 01:19:42 | 00,002,395 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\Firefox\Profiles\va2m8yp2.default\searchplugins\daemon-search.xml
[2009-07-26 23:41:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-09-30 18:06:59 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2006-10-26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009-11-11 23:04:42 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-11-11 23:04:42 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-11-11 23:04:42 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-11-11 23:04:42 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-11-11 23:04:42 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-11-11 23:04:42 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk = C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe (Era)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1957994488-1770027372-1801674531-1003\..Trusted Domains: internet ([]about in Internet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-20 17:31:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9855b124-cdf7-11de-8322-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]

[2009-11-27 13:59:03 | 00,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2009-11-27 13:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2009-11-20 12:40:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Moje dokumenty\BioWare
[2009-11-16 15:06:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Pulpit\Marcin
[2009-11-13 18:51:31 | 00,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2009-11-13 18:50:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2009-03-16 13:36:16 | 01,691,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2009-03-16 13:35:46 | 00,525,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2009-03-16 13:35:34 | 00,094,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]

[2009-11-27 14:32:30 | 04,456,448 | ---- | M] () -- C:\Documents and Settings\Marcin\NTUSER.DAT
[2009-11-27 14:22:21 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009-11-27 14:22:06 | 00,068,456 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-27 14:21:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-27 14:21:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-27 14:21:36 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-11-27 14:21:34 | 00,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-27 14:20:34 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Marcin\ntuser.ini
[2009-11-27 13:59:51 | 00,000,280 | RHS- | M] () -- C:\boot.ini
[2009-11-27 13:56:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-27 12:13:16 | 45,814,706 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-11-27 12:13:16 | 00,105,755 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-11-26 00:12:21 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-20 13:34:35 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do DAOriginsLauncher.exe.lnk
[2009-11-18 10:15:09 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2009-11-18 02:56:23 | 00,010,035 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\reading.docx
[2009-11-18 02:56:20 | 00,013,459 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Vocabulary.docx
[2009-11-17 23:59:00 | 00,015,613 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Cloze.docx
[2009-11-13 18:52:31 | 01,096,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-13 18:52:31 | 00,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-13 18:52:31 | 00,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-13 18:52:31 | 00,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-13 18:52:31 | 00,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-27 13:59:51 | 00,000,211 | -HS- | C] () -- C:\BOOT.BAK
[2009-11-27 13:59:13 | 00,441,248 | R--- | C] () -- C:\txtsetup.sif
[2009-11-27 13:59:13 | 00,262,416 | R--- | C] () -- C:\$LDR$
[2009-11-20 13:34:35 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Skrót do DAOriginsLauncher.exe.lnk
[2009-11-18 00:07:49 | 00,010,035 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\reading.docx
[2009-11-17 23:31:24 | 00,015,613 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Cloze.docx
[2009-11-17 23:21:58 | 00,013,459 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Vocabulary.docx
[2009-08-07 18:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-02 23:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-07-29 19:32:05 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-27 02:07:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-07-27 01:33:21 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009-07-27 01:21:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-27 01:21:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-07-27 01:21:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-27 01:21:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-07-27 01:21:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-07-27 01:16:39 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-21 00:30:04 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-07-21 00:30:04 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-03-16 13:36:48 | 13,264,160 | ---- | C] () -- C:\Program Files\dxnt.cab
[2009-03-16 13:36:48 | 04,162,622 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2009-03-16 13:36:48 | 01,973,694 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab
[2009-03-16 13:36:48 | 01,906,870 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2009-03-16 13:36:48 | 01,800,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2009-03-16 13:36:48 | 01,794,076 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2009-03-16 13:36:46 | 01,802,050 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2009-03-16 13:36:46 | 01,792,600 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2009-03-16 13:36:46 | 01,769,854 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2009-03-16 13:36:44 | 01,709,352 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2009-03-16 13:36:44 | 01,155,483 | ---- | C] () -- C:\Program Files\BDANT.cab
[2009-03-16 13:36:44 | 01,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2009-03-16 13:36:44 | 01,084,712 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2009-03-16 13:36:42 | 01,350,534 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2009-03-16 13:36:42 | 01,127,209 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2009-03-16 13:36:42 | 01,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2009-03-16 13:36:42 | 01,078,954 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2009-03-16 13:36:42 | 01,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2009-03-16 13:36:42 | 01,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab
[2009-03-16 13:36:42 | 01,064,917 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2009-03-16 13:36:42 | 01,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab
[2009-03-16 13:36:42 | 01,013,217 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2009-03-16 13:36:42 | 00,994,146 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2009-03-16 13:36:40 | 01,607,766 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2009-03-16 13:36:40 | 01,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2009-03-16 13:36:40 | 01,347,346 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2009-03-16 13:36:38 | 01,708,144 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2009-03-16 13:36:38 | 01,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab
[2009-03-16 13:36:38 | 01,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2009-03-16 13:36:38 | 01,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2009-03-16 13:36:38 | 01,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2009-03-16 13:36:38 | 01,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2009-03-16 13:36:38 | 01,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2009-03-16 13:36:38 | 01,464,664 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2009-03-16 13:36:38 | 01,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2009-03-16 13:36:38 | 01,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2009-03-16 13:36:38 | 01,412,894 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2009-03-16 13:36:38 | 01,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2009-03-16 13:36:38 | 01,362,788 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2009-03-16 13:36:38 | 01,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2009-03-16 13:36:38 | 01,335,994 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2009-03-16 13:36:38 | 01,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2009-03-16 13:36:38 | 00,975,148 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2009-03-16 13:36:38 | 00,965,413 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2009-03-16 13:36:38 | 00,916,422 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2009-03-16 13:36:38 | 00,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2009-03-16 13:36:38 | 00,867,604 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2009-03-16 13:36:36 | 00,864,592 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2009-03-16 13:36:36 | 00,852,278 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2009-03-16 13:36:36 | 00,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2009-03-16 13:36:36 | 00,849,159 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2009-03-16 13:36:34 | 00,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2009-03-16 13:36:34 | 00,818,252 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2009-03-16 13:36:34 | 00,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2009-03-16 13:36:34 | 00,796,859 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2009-03-16 13:36:34 | 00,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2009-03-16 13:36:34 | 00,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2009-03-16 13:36:34 | 00,273,990 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2009-03-16 13:36:32 | 00,699,036 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2009-03-16 13:36:32 | 00,695,857 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2009-03-16 13:36:32 | 00,273,203 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2009-03-16 13:36:32 | 00,271,360 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2009-03-16 13:36:32 | 00,269,842 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2009-03-16 13:36:32 | 00,269,620 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2009-03-16 13:36:32 | 00,269,016 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2009-03-16 13:36:30 | 00,275,036 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab
[2009-03-16 13:36:30 | 00,273,010 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab
[2009-03-16 13:36:30 | 00,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2009-03-16 13:36:30 | 00,226,242 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2009-03-16 13:36:30 | 00,212,799 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2009-03-16 13:36:30 | 00,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2009-03-16 13:36:28 | 00,198,088 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2009-03-16 13:36:28 | 00,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2009-03-16 13:36:28 | 00,196,754 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2009-03-16 13:36:28 | 00,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2009-03-16 13:36:28 | 00,180,777 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2009-03-16 13:36:28 | 00,179,125 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2009-03-16 13:36:28 | 00,178,351 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2009-03-16 13:36:26 | 00,195,758 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2009-03-16 13:36:26 | 00,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2009-03-16 13:36:26 | 00,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2009-03-16 13:36:26 | 00,182,895 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2009-03-16 13:36:26 | 00,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2009-03-16 13:36:24 | 00,153,004 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2009-03-16 13:36:24 | 00,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2009-03-16 13:36:24 | 00,147,975 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2009-03-16 13:36:22 | 00,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2009-03-16 13:36:22 | 00,145,591 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2009-03-16 13:36:22 | 00,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2009-03-16 13:36:22 | 00,137,227 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2009-03-16 13:36:20 | 00,133,663 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2009-03-16 13:36:20 | 00,133,095 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2009-03-16 13:36:20 | 00,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2009-03-16 13:36:20 | 00,122,328 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2009-03-16 13:36:20 | 00,121,824 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2009-03-16 13:36:20 | 00,121,746 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2009-03-16 13:36:20 | 00,121,498 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab
[2009-03-16 13:36:20 | 00,121,046 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2009-03-16 13:36:20 | 00,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2009-03-16 13:36:20 | 00,093,726 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2009-03-16 13:36:20 | 00,093,120 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2009-03-16 13:36:20 | 00,093,004 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2009-03-16 13:36:18 | 00,095,296 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2009-03-16 13:36:18 | 00,092,688 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2009-03-16 13:36:16 | 00,092,732 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab
[2009-03-16 13:36:16 | 00,087,134 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2009-03-16 13:36:16 | 00,087,093 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2009-03-16 13:36:16 | 00,086,029 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2009-03-16 13:36:14 | 00,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2009-03-16 13:36:14 | 00,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2009-03-16 13:36:14 | 00,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2009-03-16 13:36:12 | 00,055,110 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2009-03-16 13:36:12 | 00,054,592 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab
[2009-03-16 13:36:12 | 00,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2009-03-16 13:36:12 | 00,046,050 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2009-03-16 13:36:12 | 00,046,002 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2009-03-16 13:36:12 | 00,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2009-03-16 13:36:12 | 00,044,444 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2009-03-16 13:36:12 | 00,021,897 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2009-03-16 13:36:12 | 00,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2009-03-16 13:36:12 | 00,021,836 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2009-03-16 13:36:12 | 00,018,488 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2009-03-16 13:36:10 | 00,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[color=#E56717]========== LOP Check ==========[/color]

[2009-07-27 00:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2009-07-27 01:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-21 00:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2009-11-13 18:51:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2009-07-27 01:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-07-27 00:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\ATI
[2009-11-26 21:34:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Auslogics
[2009-08-10 11:53:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools Lite
[2009-07-27 01:01:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Gadu-Gadu
[2009-07-27 01:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\GARMIN
[2009-07-21 00:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\Ubisoft

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:
[code]:Processes
explorer.exe

:OTL
O33 - MountPoints2\{9855b124-cdf7-11de-8322-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\AutoRun\command - "" = F:\ukfbi3aw.exe -- File not found
O33 - MountPoints2\{b0b5ca0e-839e-11de-823d-0021855aba8e}\Shell\open\Command - "" = F:\ukfbi3aw.exe -- File not found

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

skur3byk
komentarz
komentarz

Niestety tym razem nie pomogło:( [ściągnąłem aktualizację do malware]


[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 3242
Windows 5.1.2600 Dodatek Service Pack 3

2009-11-27 15:29:25
mbam-log-2009-11-27 (15-29-25).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 152765
Upłynęło: 10 minute(s), 28 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)
[/log]

Psycholandia
komentarz
komentarz

Dziwna sprawa, bo w logu nic takiego nie ma, jakby to nie była wina infekcji.
Pobierz Dr.Web LiveCD: http://www.freedrweb.pl/livecd.php wypal na płytę, reset, F11, uruchom z płyty kompa i zeskanuj, usuwając wszystko co znajdzie.

skur3byk
komentarz
komentarz

Zrobiłem jak kazałaś ale nic specjalnego nie znalazł ten dr.web. Problem dalej istnieje więc może to nie infekcja? Ale nie wiem co to by miało być, nie podłączałem ostatnio żadnych nowych kontrolerów ani sprzętów.

Psycholandia
komentarz
komentarz

Skoro wykasowałeś wszystko co podałam wyżej + wszystko ze skanu Dr. Web to prawdopodobnie nie infekcja. Musisz napisać o tym w innym dziale.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.