x-kom hosting

[Rozwiązany]ubywa mi miejsca na dysku w bardzo szybkim tempie POMOCY

pstryk17
utworzono
utworzono

Witam.
mam problem. Od jakiegoś czasu wyskakuje mi ikonka "mało miejsca na dysku C:" zauważyłem że mam raptem 20MB wolnego miejsca, ale tyle w tym dziwnego że ta wartość ciągle się zmienia. znalazłem gdzie się podziało miejsce na dysku mianowicie "C:\WINDOWS\Temp" w tym folderze tworzą się same po podłączeniu do sieci mojego kompa w momencie uruchomienia oraz pracy z byle jaką przeglądarką przybywają w tym folderze pliki o nazwie
"cch~jakieś literki.htp" później po mojej obserwacji te pliki które tak jak by krążyły w tym folderze zamieniają się w pliki stałe o nazwie PR27.tmp (liczba się zmienia) które zawalają mi miejsce na dysku, początkowo mało a później niektóre pliki mają nawet 1,4Gb. jak wykasuje je unlockerem to miejsce się zwalnia i w momencie podłączenia do sieci mam powtórkę z rozrywki a jak wyłączę kasperskiego to jest ok. Podejrzewam że to jakiś trojan. ale próbowałem już bardzo wielu opcji opisanych na różnych forach i nic.
pomóżcie
log z hijacka


[log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:42, on 2009-10-03
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Lenovo\Energy Management\utilty.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\torr\uTorrent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utilty.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "E:\Program Files\torr\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6695 bytes[/log]

Psycholandia
komentarz
komentarz

Zaznacz i Fix:
[code]O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKCU\..\Run: [uTorrent] "E:\Program Files\torr\uTorrent.exe"
4 - HKCU\..\Run: [uTorrent] "E:\Program Files\torr\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')[/code]
Odinstaluj:
[b]C:\Program Files\AskBarDis[/b]

Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338

Wyczyść katalog: [b]C:\Documents and Settings\nazwa usera\Ustawienia lokalne\Temp\[/b] i [b]C:\Documents and Settings\nazwa usera\Ustawienia lokalne\Temporary Internet Files\Content.IE5\[/b]
Wyłącz hibernację: [b]Panel Sterowania->Opcje zasilania->zakładka Hibernacja-> odhacz[/b]
Wyłącz przywracanie systemu: [b]Mój Komputer->właściwości->Przywracanie systemu->Ustawienia[/b]
Prawy przycisk myszy na [b]kosz --> właściwości -> Globalne --> Użyj jednego ustawienia, zmień na 2%[/b]
Poczytaj i wykonaj: http://www.forum.tweaks.pl/FAQ-Zwi%EAkszen...owej-t8747.html

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

[log]OTL logfile created on: 2009-10-03 13:38:26 - Run 1
OTL by OldTimer - Version 3.0.18.0 Folder = D:\z neta
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 82,98% Memory free
4,00 Gb Paging File | 3,68 Gb Available in Paging File | 92,07% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 20,29 Gb Free Space | 69,28% Space Free | Partition Type: NTFS
Drive D: | 13,67 Gb Total Space | 12,59 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
Drive E: | 132,07 Gb Total Space | 68,09 Gb Free Space | 51,55% Space Free | Partition Type: NTFS
Drive F: | 123,04 Gb Total Space | 80,22 Gb Free Space | 65,20% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPECIAL-XP
Current User Name: pstryk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2008-04-02 09:11:24 | 04,456,448 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utilty.exe
PRC - [2008-04-10 17:13:22 | 01,282,048 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008-08-01 06:05:30 | 16,806,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-05-30 07:12:22 | 01,105,920 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-05-02 06:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009-09-30 11:00:02 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- E:\Program Files\torr\uTorrent.exe
PRC - [2009-04-10 19:30:40 | 01,435,488 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009-09-23 14:22:06 | 00,120,120 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\dc68566519\6u77qf.exe
PRC - [2009-08-18 16:38:00 | 02,331,888 | ---- | M] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\dc68566519\qsy2bxp.exe
PRC - [2009-06-15 16:43:12 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-05-02 06:15:43 | 00,087,552 | ---- | M] () -- C:\Program Files\Unlocker\Unlocker.exe
PRC - [2008-05-02 06:15:43 | 00,087,552 | ---- | M] () -- C:\Program Files\Unlocker\Unlocker.exe
PRC - [2008-05-02 06:15:43 | 00,087,552 | ---- | M] () -- C:\Program Files\Unlocker\Unlocker.exe
PRC - [2008-05-02 06:15:43 | 00,087,552 | ---- | M] () -- C:\Program Files\Unlocker\Unlocker.exe
PRC - [2009-10-03 13:32:54 | 00,519,168 | ---- | M] (OldTimer Tools) -- D:\z neta\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-04-02 12:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Stopped])
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -- (AVP [Auto | Running])
SRV - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2006-10-20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-31 09:39:36 | 00,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService [Disabled | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006-10-30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006-10-30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])
SRV - [2008-04-07 09:17:30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-01-11 14:58:42 | 00,009,472 | ---- | M] (Lenovo Corporation) -- C:\WINDOWS\System32\DRIVERS\AcpiVpc.sys -- (ACPIVPC [On_Demand | Running])
DRV - [2008-03-19 14:26:24 | 00,175,104 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2008-05-22 11:40:30 | 00,991,144 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2009-03-31 09:39:36 | 00,036,608 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-08-13 07:10:50 | 04,751,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-05-27 22:26:02 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
DRV - [2007-12-28 19:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [System | Running])
DRV - [2007-12-13 13:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])
DRV - [2008-04-28 21:14:54 | 03,626,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\NETw5x32.sys -- (NETw5x32 [On_Demand | Running])
DRV - [2009-04-30 22:02:00 | 08,055,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2009-01-22 15:43:56 | 00,046,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys -- (NVHDA [On_Demand | Running])
DRV - [2007-09-17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-06-24 15:55:12 | 00,047,104 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-07-30 10:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-07-30 11:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2001-04-13 19:16:38 | 00,187,992 | ---- | M] (Roland) -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01 [Auto | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-05-02 08:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running])
DRV - [2008-06-11 18:23:12 | 01,097,856 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2009-05-30 17:58:36 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009-03-20 10:01:26 | 00,090,112 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ss_bbus.sys -- (ss_bbus [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,014,976 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys -- (ss_bmdfl [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,121,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys -- (ss_bmdm [On_Demand | Stopped])
DRV - [2008-05-30 06:57:06 | 00,225,088 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008-01-24 10:08:34 | 00,010,880 | ---- | M] (ITE Tech. Inc. ) -- C:\WINDOWS\System32\DRIVERS\ITEhidCIR.sys -- (vhidmini [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\S-1-5-21-1275210071-1606980848-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\S-1-5-21-1275210071-1606980848-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004\S-1-5-21-1275210071-1606980848-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-30 11:01:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-01 00:42:41 | 00,000,000 | ---D | M]

[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions
[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-02 18:09:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions
[2009-10-01 00:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009-10-01 00:35:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009-09-30 11:58:32 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\Mozilla\FireFox\Profiles\1ye5f2yw.default\searchplugins\ask.xml
[2009-10-02 18:09:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-06-15 16:43:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-01 00:42:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009-06-15 16:43:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-06-15 16:43:12 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-06-15 16:43:20 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utilty.exe (Lenovo(Beijing)Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003..\Run: [uTorrent] E:\Program Files\torr\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004..\Run: [RGSC] E:\gry\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-27 15:33:30 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\AutoRun\command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\open\Command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\AutoRun\command - "" = i.cmd
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\open\Command - "" = i.cmd
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-09-17 21:48:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-09-17 21:48:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\PC Suite
[2009-09-17 21:44:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Samsung
[2009-09-30 09:58:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Sun
[2009-09-30 10:58:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\uTorrent
[2009-09-17 21:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2009-09-30 11:01:48 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009-09-30 10:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009-09-17 21:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009-09-17 21:43:45 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2009-09-17 21:43:20 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung
[2009-10-02 18:49:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-10-02 18:43:14 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009-10-02 18:34:27 | 00,028,160 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
[2009-10-02 18:32:20 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-09-30 10:58:07 | 00,288,048 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:22:23 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2009-09-30 10:22:19 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2009-09-30 10:22:18 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2009-09-30 10:22:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009-09-30 10:22:16 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2009-09-30 10:22:13 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2009-09-30 10:22:11 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2009-09-30 10:22:09 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2009-09-30 10:22:04 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009-09-30 10:22:04 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009-09-30 10:22:04 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009-09-30 10:22:04 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-09-30 10:22:03 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009-09-30 10:22:03 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009-09-30 10:22:03 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009-09-30 10:21:59 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009-09-27 09:51:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Pulpit\Tapety Samsung Avila 720x400 by Siver
[2009-09-17 22:44:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My Art
[2009-09-17 21:45:18 | 00,090,624 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2009-09-17 21:45:07 | 00,021,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2009-09-17 21:44:54 | 00,121,856 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys
[2009-09-17 21:44:54 | 00,090,112 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys
[2009-09-17 21:44:54 | 00,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys
[2009-09-17 21:44:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers
[2009-09-17 21:44:30 | 00,233,472 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2009-09-17 21:44:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My NPS Files
[2009-09-06 16:04:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\Rockstar Games
[2009-09-06 15:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009-09-06 15:49:11 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:21:24 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009-09-06 15:21:24 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009-09-06 15:21:23 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009-09-06 15:21:23 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009-09-06 15:21:23 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009-09-06 15:21:23 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009-09-06 15:21:22 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009-09-06 15:21:22 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009-09-06 15:21:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009-09-06 15:21:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009-09-06 15:21:20 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009-09-06 15:21:19 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009-09-06 15:21:19 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009-09-06 15:21:19 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009-09-06 15:20:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009-09-06 15:19:34 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009-09-06 15:19:34 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009-09-06 15:19:33 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-10-03 13:38:42 | 01,544,736 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-10-03 13:36:32 | 00,420,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-10-03 13:32:34 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009-10-03 12:27:10 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-10-03 12:20:27 | 00,229,581 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009-10-03 12:20:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-03 12:20:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-03 12:19:31 | 00,047,720 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-10-03 10:39:27 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009-10-02 18:53:48 | 00,000,163 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-10-01 16:44:25 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-01 00:32:16 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-30 11:00:03 | 00,000,513 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-30 10:58:23 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:21:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-30 09:28:38 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009-09-30 09:28:38 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2009-09-27 13:14:42 | 00,013,829 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-24 20:17:39 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-24 20:17:39 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-09-24 20:17:39 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-09-17 22:45:34 | 01,134,406 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:10 | 00,002,528 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-17 20:46:44 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:49:11 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:12:59 | 00,000,890 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-02 18:53:48 | 00,000,163 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-09-30 11:00:03 | 00,000,513 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-27 09:51:24 | 00,013,829 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-20 09:47:58 | 04,716,544 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\03 I Love You.mp3
[2009-09-17 22:45:34 | 01,134,406 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:30 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-09-17 21:44:30 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-09-17 21:44:10 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-14 17:20:20 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:12:59 | 00,000,890 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2009-05-31 23:55:46 | 00,000,066 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2009-05-31 13:46:43 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-30 17:58:35 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-30 17:50:39 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-05-27 17:24:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-05-27 16:19:15 | 00,014,664 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-27 16:10:42 | 06,908,766 | -H-- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-27 16:00:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\desktop.ini
[2009-05-01 00:31:06 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-05-01 00:31:06 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-05-01 00:31:06 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-05-01 00:31:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-05-28 23:18:04 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008-05-03 09:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-10-25 17:26:10 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005-02-17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001-07-22 00:16:20 | 00,000,531 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-17 21:48:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-05-30 18:00:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-17 21:48:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-05-27 17:24:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-06-18 20:12:23 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji
[2009-06-02 21:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji\Ahead
[2009-06-18 20:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji\Thinstall
[2009-05-27 15:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-05-27 15:35:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-09-30 10:58:29 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji
[2009-05-28 13:18:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Ahead
[2009-05-30 18:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools
[2009-08-05 22:44:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools Lite
[2009-08-11 20:57:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools Pro
[2009-06-29 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\gtk-2.0
[2009-07-26 20:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-17 21:48:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\PC Suite
[2009-09-17 21:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Samsung
[2009-06-15 22:58:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Thinstall
[2009-10-03 13:39:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\uTorrent
[2009-06-15 13:06:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-03 12:20:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\AutoRun\command - "" = i.cmd
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\open\Command - "" = i.cmd

:Files
C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\dc68566519\qsy2bxp.exe
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\AskBarDis
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Uruchom OTL i kliknij na CleanUP.

Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

zrobiłem już wszystko ale nadal wyskakują te pliki
OTL zrzut bieżący


[log]OTL logfile created on: 2009-10-03 14:24:18 - Run 3
OTL by OldTimer - Version 3.0.18.0 Folder = D:\z neta
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 93,74% Memory free
4,00 Gb Paging File | 3,90 Gb Available in Paging File | 97,62% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 20,43 Gb Free Space | 69,74% Space Free | Partition Type: NTFS
Drive D: | 13,67 Gb Total Space | 12,59 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
Drive E: | 132,07 Gb Total Space | 68,09 Gb Free Space | 51,55% Space Free | Partition Type: NTFS
Drive F: | 123,04 Gb Total Space | 80,22 Gb Free Space | 65,20% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPECIAL-XP
Current User Name: pstryk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2008-04-02 09:11:24 | 04,456,448 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utilty.exe
PRC - [2008-04-10 17:13:22 | 01,282,048 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008-08-01 06:05:30 | 16,806,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-05-30 07:12:22 | 01,105,920 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-05-02 06:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009-09-30 11:00:02 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- E:\Program Files\torr\uTorrent.exe
PRC - [2009-06-15 16:43:12 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-03 13:32:54 | 00,519,168 | ---- | M] (OldTimer Tools) -- D:\z neta\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-04-02 12:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Stopped])
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -- (AVP [Auto | Running])
SRV - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2006-10-20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-31 09:39:36 | 00,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService [Disabled | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006-10-30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006-10-30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])
SRV - [2008-04-07 09:17:30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-01-11 14:58:42 | 00,009,472 | ---- | M] (Lenovo Corporation) -- C:\WINDOWS\System32\DRIVERS\AcpiVpc.sys -- (ACPIVPC [On_Demand | Running])
DRV - [2008-03-19 14:26:24 | 00,175,104 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2008-05-22 11:40:30 | 00,991,144 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2009-03-31 09:39:36 | 00,036,608 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-08-13 07:10:50 | 04,751,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-05-27 22:26:02 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
DRV - [2007-12-28 19:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [System | Running])
DRV - [2007-12-13 13:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])
DRV - [2008-04-28 21:14:54 | 03,626,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\NETw5x32.sys -- (NETw5x32 [On_Demand | Running])
DRV - [2009-04-30 22:02:00 | 08,055,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2009-01-22 15:43:56 | 00,046,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys -- (NVHDA [On_Demand | Running])
DRV - [2007-09-17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-06-24 15:55:12 | 00,047,104 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-07-30 10:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-07-30 11:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2001-04-13 19:16:38 | 00,187,992 | ---- | M] (Roland) -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01 [Auto | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-05-02 08:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running])
DRV - [2008-06-11 18:23:12 | 01,097,856 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2009-05-30 17:58:36 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009-03-20 10:01:26 | 00,090,112 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ss_bbus.sys -- (ss_bbus [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,014,976 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys -- (ss_bmdfl [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,121,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys -- (ss_bmdm [On_Demand | Stopped])
DRV - [2008-05-30 06:57:06 | 00,225,088 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008-01-24 10:08:34 | 00,010,880 | ---- | M] (ITE Tech. Inc. ) -- C:\WINDOWS\System32\DRIVERS\ITEhidCIR.sys -- (vhidmini [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-30 11:01:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-01 00:42:41 | 00,000,000 | ---D | M]

[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions
[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-02 18:09:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions
[2009-10-01 00:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009-10-01 00:35:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009-09-30 11:58:32 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\Mozilla\FireFox\Profiles\1ye5f2yw.default\searchplugins\ask.xml
[2009-10-02 18:09:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-06-15 16:43:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-01 00:42:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009-06-15 16:43:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-06-15 16:43:12 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-06-15 16:43:20 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utilty.exe (Lenovo(Beijing)Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [uTorrent] E:\Program Files\torr\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-27 15:33:30 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\AutoRun\command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\open\Command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\AutoRun\command - "" = i.cmd
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\open\Command - "" = i.cmd
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-09-17 21:48:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-09-17 21:48:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\PC Suite
[2009-09-17 21:44:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Samsung
[2009-09-30 09:58:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Sun
[2009-09-30 10:58:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\uTorrent
[2009-09-17 21:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2009-09-30 11:01:48 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009-09-30 10:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009-09-17 21:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009-09-17 21:43:45 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2009-09-17 21:43:20 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung
[2009-10-02 18:49:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-10-02 18:43:14 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009-10-02 18:34:27 | 00,028,160 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
[2009-10-02 18:32:20 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-09-30 10:58:07 | 00,288,048 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:22:23 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2009-09-30 10:22:19 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2009-09-30 10:22:18 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2009-09-30 10:22:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009-09-30 10:22:16 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2009-09-30 10:22:13 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2009-09-30 10:22:11 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2009-09-30 10:22:09 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2009-09-30 10:22:04 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009-09-30 10:22:04 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009-09-30 10:22:04 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009-09-30 10:22:04 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-09-30 10:22:03 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009-09-30 10:22:03 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009-09-30 10:22:03 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009-09-30 10:21:59 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009-09-27 09:51:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Pulpit\Tapety Samsung Avila 720x400 by Siver
[2009-09-17 22:44:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My Art
[2009-09-17 21:45:18 | 00,090,624 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2009-09-17 21:45:07 | 00,021,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2009-09-17 21:44:54 | 00,121,856 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys
[2009-09-17 21:44:54 | 00,090,112 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys
[2009-09-17 21:44:54 | 00,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys
[2009-09-17 21:44:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers
[2009-09-17 21:44:30 | 00,233,472 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2009-09-17 21:44:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My NPS Files
[2009-09-06 16:04:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\Rockstar Games
[2009-09-06 15:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009-09-06 15:49:11 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:21:24 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009-09-06 15:21:24 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009-09-06 15:21:23 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009-09-06 15:21:23 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009-09-06 15:21:23 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009-09-06 15:21:23 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009-09-06 15:21:22 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009-09-06 15:21:22 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009-09-06 15:21:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009-09-06 15:21:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009-09-06 15:21:20 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009-09-06 15:21:19 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009-09-06 15:21:19 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009-09-06 15:21:19 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009-09-06 15:20:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009-09-06 15:19:34 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009-09-06 15:19:34 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009-09-06 15:19:33 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-10-03 14:24:11 | 00,544,800 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-10-03 14:23:19 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-10-03 14:22:09 | 00,229,581 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009-10-03 14:22:07 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009-10-03 14:21:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-03 14:21:42 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-03 14:21:02 | 00,421,408 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-10-03 14:21:02 | 00,047,888 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-10-03 14:20:24 | 00,000,126 | ---- | M] () -- C:\fix.reg
[2009-10-03 10:39:27 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009-10-02 18:53:48 | 00,000,163 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-10-01 16:44:25 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-01 00:32:16 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-30 11:00:03 | 00,000,513 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-30 10:58:23 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:21:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-30 09:28:38 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009-09-30 09:28:38 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2009-09-27 13:14:42 | 00,013,829 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-24 20:17:39 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-24 20:17:39 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-09-24 20:17:39 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-09-17 22:45:34 | 01,134,406 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:10 | 00,002,528 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-17 20:46:44 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:49:11 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:12:59 | 00,000,890 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-03 14:20:24 | 00,000,126 | ---- | C] () -- C:\fix.reg
[2009-10-02 18:53:48 | 00,000,163 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-09-30 11:00:03 | 00,000,513 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-27 09:51:24 | 00,013,829 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-20 09:47:58 | 04,716,544 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\03 I Love You.mp3
[2009-09-17 22:45:34 | 01,134,406 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:30 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-09-17 21:44:30 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-09-17 21:44:10 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-14 17:20:20 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:12:59 | 00,000,890 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2009-05-31 23:55:46 | 00,000,066 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2009-05-31 13:46:43 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-30 17:58:35 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-30 17:50:39 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-05-27 17:24:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-05-27 16:19:15 | 00,014,664 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-27 16:10:42 | 06,908,766 | -H-- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-27 16:00:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\desktop.ini
[2009-05-01 00:31:06 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-05-01 00:31:06 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-05-01 00:31:06 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-05-01 00:31:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-05-28 23:18:04 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008-05-03 09:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-10-25 17:26:10 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005-02-17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001-07-22 00:16:20 | 00,000,531 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
< End of report > [/log]

teraz nie tworzą się te drugie plik tylko są te cch~ ale tylko dwa
to dobrze czy źle??

Psycholandia
komentarz
komentarz

[b]C:\WINDOWS\Temp[/b]
ten katalog możesz opróżnić, w zasadzie ściągnij[url="http://www.dobreprogramy.pl/CCleaner,Program,Windows,13061.html"]Ccleaner[/url] i przeczyść nim komputer, za każdym razem kiedy siedzisz na necie będą się tam tworzyć pliki, tym się nie przejmuj. czyść ccleanerem tylko co jakiś czas.

Nic się nie usunęło z tego o co prosiłam. Wykonaj usuwanie ponownie. Czyli to co poniżej wklejasz w okienko Custom Fix/Scans w OTL
:Processes
explorer.exe

[code]:OTL
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\AutoRun\command - "" = i.cmd
O33 - MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\Shell\open\Command - "" = i.cmd

:Files
C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\dc68566519\qsy2bxp.exe
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\AskBarDis
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
i klik na [b]RUN FIX[/b]
po resecie utworzy się log po usuwaniu i dasz go tutaj + nowego loga z OTL

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

log po resecie


[log]All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-1606980848-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d54b34bb-4c19-11de-a121-002354399cdb}\ not found.
File i.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d54b34bb-4c19-11de-a121-002354399cdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d54b34bb-4c19-11de-a121-002354399cdb}\ not found.
File i.cmd not found.
========== FILES ==========
File\Folder C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\dc68566519\qsy2bxp.exe not found.
File\Folder C:\Program Files\DAEMON Tools Toolbar not found.
File\Folder C:\Program Files\AskBarDis not found.
File\Folder C:\WINDOWS\Tasks\AppleSoftwareUpdate.job not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: ktoś
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 29616525 bytes
->Apple Safari cache emptied: 149660817 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: pstryk
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\etilqs_Q9YTM4yuEzqMzWwYybEZ scheduled to be deleted on reboot.
->Temp folder emptied: 595172 bytes
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 1544851 bytes
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
->FireFox cache emptied: 48396872 bytes
->Apple Safari cache emptied: 696784 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
%systemroot% .tmp files removed: 2507670 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 66016 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 222,42 mb


OTL by OldTimer - Version 3.0.18.0 log created on 10032009_164128

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\pstryk\Ustawienia lokalne\Temp\etilqs_Q9YTM4yuEzqMzWwYybEZ not found!
C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1ye5f2yw.default\urlclassifier3.sqlite moved successfully.

Registry entries deleted on Reboot...[/log]

Psycholandia
komentarz
komentarz

Daj loga nowego z OTL

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

oto i on. musiałem na chwile odejść od kąpa.


[log]OTL logfile created on: 2009-10-03 17:02:58 - Run 6
OTL by OldTimer - Version 3.0.18.0 Folder = D:\z neta
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 98,95% Memory free
4,00 Gb Paging File | 3,91 Gb Available in Paging File | 97,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 20,62 Gb Free Space | 70,39% Space Free | Partition Type: NTFS
Drive D: | 13,67 Gb Total Space | 12,55 Gb Free Space | 91,78% Space Free | Partition Type: NTFS
Drive E: | 132,07 Gb Total Space | 63,32 Gb Free Space | 47,94% Space Free | Partition Type: NTFS
Drive F: | 123,04 Gb Total Space | 80,22 Gb Free Space | 65,20% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPECIAL-XP
Current User Name: pstryk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PRC - [2008-04-02 09:11:24 | 04,456,448 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utilty.exe
PRC - [2008-04-10 17:13:22 | 01,282,048 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008-08-01 06:05:30 | 16,806,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-05-30 07:12:22 | 01,105,920 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-05-02 06:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008-12-10 11:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009-06-15 16:43:12 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-03 13:32:54 | 00,519,168 | ---- | M] (OldTimer Tools) -- D:\z neta\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found -- -- (ASKUpgrade [Auto | Stopped])
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-02-08 18:36:14 | 00,227,856 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -- (AVP [Auto | Running])
SRV - [2007-07-24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-05-28 23:23:00 | 00,342,624 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2006-10-20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-31 09:39:36 | 00,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService [Disabled | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006-10-30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006-10-30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])
SRV - [2008-04-07 09:17:30 | 00,430,592 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-01-11 14:58:42 | 00,009,472 | ---- | M] (Lenovo Corporation) -- C:\WINDOWS\System32\DRIVERS\AcpiVpc.sys -- (ACPIVPC [On_Demand | Running])
DRV - [2008-03-19 14:26:24 | 00,175,104 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2008-05-22 11:40:30 | 00,991,144 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2009-03-31 09:39:36 | 00,036,608 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-08-13 07:10:50 | 04,751,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-05-27 22:26:02 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
DRV - [2007-12-28 19:51:04 | 00,195,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [System | Running])
DRV - [2007-12-13 13:28:40 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])
DRV - [2008-04-28 21:14:54 | 03,626,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\NETw5x32.sys -- (NETw5x32 [On_Demand | Running])
DRV - [2009-04-30 22:02:00 | 08,055,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2009-01-22 15:43:56 | 00,046,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys -- (NVHDA [On_Demand | Running])
DRV - [2007-09-17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-06-24 15:55:12 | 00,047,104 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-07-30 10:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-07-30 11:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2001-04-13 19:16:38 | 00,187,992 | ---- | M] (Roland) -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01 [Auto | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-05-02 08:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running])
DRV - [2008-06-11 18:23:12 | 01,097,856 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2009-05-30 17:58:36 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009-03-20 10:01:26 | 00,090,112 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ss_bbus.sys -- (ss_bbus [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,014,976 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys -- (ss_bmdfl [On_Demand | Stopped])
DRV - [2009-03-20 10:01:26 | 00,121,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys -- (ss_bmdm [On_Demand | Stopped])
DRV - [2008-05-30 06:57:06 | 00,225,088 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008-01-24 10:08:34 | 00,010,880 | ---- | M] (ITE Tech. Inc. ) -- C:\WINDOWS\System32\DRIVERS\ITEhidCIR.sys -- (vhidmini [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\S-1-5-21-1275210071-1606980848-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\S-1-5-21-1275210071-1606980848-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-30 11:01:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-01 00:42:41 | 00,000,000 | ---D | M]

[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions
[2009-05-30 17:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-02 18:09:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions
[2009-10-01 00:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009-10-01 00:35:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\mozilla\Firefox\Profiles\1ye5f2yw.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009-09-30 11:58:32 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\Mozilla\FireFox\Profiles\1ye5f2yw.default\searchplugins\ask.xml
[2009-10-03 16:26:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-06-15 16:43:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-01 00:42:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009-06-15 16:43:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-06-15 16:43:12 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-06-15 16:43:20 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utilty.exe (Lenovo(Beijing)Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1606980848-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-27 15:33:30 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{73daf031-5a76-11de-a162-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{790caecf-4fb0-11de-a136-002354399cdb}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\AutoRun\command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{8d589912-8665-11de-aa67-00215d3cfae2}\Shell\open\Command - "" = I:\i.cmd -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\AutoRun\command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{b8bb03a1-4ac6-11de-a10c-c751f950edf9}\Shell\open\Command - "" = H:\2a.exe -- File not found
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\AutoRun\command - "" = I:\q9.cmd -- File not found
O33 - MountPoints2\{e766496d-4dfc-11de-a12b-002354399cdb}\Shell\open\Command - "" = I:\q9.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-09-17 21:48:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-09-17 21:48:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\PC Suite
[2009-09-17 21:44:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Samsung
[2009-09-30 09:58:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\Sun
[2009-09-30 10:58:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Dane aplikacji\uTorrent
[2009-09-17 21:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2009-10-03 16:41:47 | 00,000,000 | ---D | C] -- C:\Program Files\AskBardis
[2009-09-30 10:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009-09-17 21:43:47 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009-09-17 21:43:45 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2009-09-17 21:43:20 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung
[2009-10-02 18:49:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-10-02 18:43:14 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009-10-03 14:51:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\NFS SHIFT
[2009-10-03 14:48:36 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009-10-03 14:48:36 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009-10-03 14:48:35 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009-10-03 14:48:35 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009-10-03 14:48:35 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009-10-03 14:48:34 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009-10-03 14:48:34 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009-10-03 14:48:33 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009-10-03 14:48:33 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009-10-03 14:48:33 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009-10-03 14:48:33 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009-10-03 14:48:33 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009-10-03 14:48:32 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009-10-03 14:48:32 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009-10-03 14:48:31 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009-10-03 14:48:31 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009-10-03 14:48:31 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009-10-03 14:48:30 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009-10-03 14:48:30 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009-10-03 14:48:30 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009-10-02 18:34:27 | 00,028,160 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
[2009-10-02 18:32:20 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-09-30 10:58:07 | 00,288,048 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:22:23 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2009-09-30 10:22:19 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2009-09-30 10:22:18 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2009-09-30 10:22:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009-09-30 10:22:16 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2009-09-30 10:22:13 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2009-09-30 10:22:11 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2009-09-30 10:22:09 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2009-09-30 10:22:04 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009-09-30 10:22:04 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009-09-30 10:22:04 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009-09-30 10:22:04 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-09-30 10:22:03 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009-09-30 10:22:03 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009-09-30 10:22:03 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009-09-30 10:21:59 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009-09-27 09:51:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Pulpit\Tapety Samsung Avila 720x400 by Siver
[2009-09-17 22:44:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My Art
[2009-09-17 21:45:18 | 00,090,624 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2009-09-17 21:45:07 | 00,021,632 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2009-09-17 21:44:54 | 00,121,856 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys
[2009-09-17 21:44:54 | 00,090,112 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys
[2009-09-17 21:44:54 | 00,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys
[2009-09-17 21:44:54 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys
[2009-09-17 21:44:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers
[2009-09-17 21:44:30 | 00,233,472 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2009-09-17 21:44:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\My NPS Files
[2009-09-06 16:04:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pstryk\Moje dokumenty\Rockstar Games
[2009-09-06 15:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009-09-06 15:49:11 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:21:24 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009-09-06 15:21:24 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009-09-06 15:21:23 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009-09-06 15:21:23 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009-09-06 15:21:23 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009-09-06 15:21:23 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009-09-06 15:21:22 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009-09-06 15:21:22 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009-09-06 15:21:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009-09-06 15:21:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009-09-06 15:21:20 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009-09-06 15:21:19 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009-09-06 15:21:19 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009-09-06 15:21:19 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009-09-06 15:20:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009-09-06 15:19:34 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009-09-06 15:19:34 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009-09-06 15:19:33 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009-09-06 15:19:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-10-03 17:02:51 | 00,388,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-10-03 17:01:15 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-10-03 17:00:58 | 00,229,581 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009-10-03 17:00:56 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009-10-03 16:54:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-03 16:54:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-03 16:53:23 | 00,442,144 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-10-03 16:53:23 | 00,049,832 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-10-03 14:47:12 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Play Need for Speed - Shift.lnk
[2009-10-03 14:20:24 | 00,000,126 | ---- | M] () -- C:\fix.reg
[2009-10-03 10:39:27 | 00,048,158 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009-10-02 18:53:48 | 00,000,163 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-10-01 16:44:25 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-01 00:32:16 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-30 11:00:03 | 00,000,513 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-30 10:58:23 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\pstryk\Pulpit\utorrent.exe
[2009-09-30 10:21:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-30 09:28:38 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009-09-30 09:28:38 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2009-09-27 13:14:42 | 00,013,829 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-24 20:17:39 | 00,000,531 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-24 20:17:39 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-09-24 20:17:39 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-09-17 22:45:34 | 01,134,406 | ---- | M] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:10 | 00,002,528 | ---- | M] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-17 20:46:44 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:49:11 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009-09-06 15:12:59 | 00,000,890 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-03 14:47:12 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Play Need for Speed - Shift.lnk
[2009-10-03 14:20:24 | 00,000,126 | ---- | C] () -- C:\fix.reg
[2009-10-02 18:53:48 | 00,000,163 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\FIX.REG
[2009-10-02 18:49:50 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\HijackThis.lnk
[2009-10-02 17:38:45 | 00,000,663 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\CCleaner.lnk
[2009-09-30 11:00:03 | 00,000,513 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\µTorrent.lnk
[2009-09-27 09:51:24 | 00,013,829 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Shakira.jpg
[2009-09-24 21:43:04 | 00,000,809 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Skrót do GovernorofPoker.lnk
[2009-09-20 09:47:58 | 04,716,544 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\03 I Love You.mp3
[2009-09-17 22:45:34 | 01,134,406 | ---- | C] () -- C:\Documents and Settings\pstryk\Pulpit\Zdjęcie0004.jpg
[2009-09-17 21:44:30 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-09-17 21:44:30 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-09-17 21:44:10 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\$_hpcst$.hpc
[2009-09-17 21:43:49 | 00,001,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk
[2009-09-14 17:20:20 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-09-06 15:12:59 | 00,000,890 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2009-05-31 23:55:46 | 00,000,066 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2009-05-31 13:46:43 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-30 17:58:35 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-30 17:50:39 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-05-27 17:24:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-05-27 16:19:15 | 00,014,664 | ---- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-27 16:10:42 | 06,908,766 | -H-- | C] () -- C:\Documents and Settings\pstryk\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-27 16:00:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\pstryk\Dane aplikacji\desktop.ini
[2009-05-01 00:31:06 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-05-01 00:31:06 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-05-01 00:31:06 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-05-01 00:31:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-05-28 23:18:04 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008-05-03 09:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-10-25 17:26:10 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005-02-17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001-07-22 00:16:20 | 00,000,531 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-17 21:48:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-05-30 18:00:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-17 21:48:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-05-27 17:24:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-06-18 20:12:23 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji
[2009-06-02 21:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji\Ahead
[2009-06-18 20:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ktoś\Dane aplikacji\Thinstall
[2009-05-27 15:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-05-27 15:35:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-09-30 10:58:29 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji
[2009-05-28 13:18:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Ahead
[2009-05-30 18:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools
[2009-08-05 22:44:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools Lite
[2009-08-11 20:57:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\DAEMON Tools Pro
[2009-06-29 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\gtk-2.0
[2009-07-26 20:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-17 21:48:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\PC Suite
[2009-09-17 21:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Samsung
[2009-06-15 22:58:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\Thinstall
[2009-10-03 14:36:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pstryk\Dane aplikacji\uTorrent
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-03 16:54:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >[/log]

[color="#FF0000"]//Wstawiaj logi w [log] [/ log][/color]

Psycholandia
komentarz
komentarz

Pobierasz Avengera: http://cybertrash.pl/images/tata/Avenger/Avenger.html
W okienko wklejasz poniższy skrypt:

[code]Folders to delete:

C:\Program Files\AskBarDis[/code]
Klik na [b]Execute[/b]. Dajesz powstałego po restarcie loga.

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

ok
[log]//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sat Oct 03 17:13:53 2009

17:13:43: Error: Could not set driver ImagePath.
Aborting execution! (error 0: operacja uko?czona pomy?lnie.)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: folder "C:\Program Files\AskBarDis" not found!
Deletion of folder "C:\Program Files\AskBarDis" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.
[/log]

Psycholandia
komentarz
komentarz

Uruchom OTL i klik na CleanUp.
I jak teraz komputer się ma?

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz

No miodzio :D
dzięki wielkie.
he trochę mi już głupio ale co było przyczyną i przy pomocy jakiego programu to wywnioskować z logu?

Psycholandia
komentarz
komentarz

Używałeś Ccleanera? On pewnie oczyścił dysk ze zbędnych śmieci.
Miałeś też drobną infekcję.

  • Dobra wypowiedź 1
pstryk17
komentarz
komentarz (edytowane)

Ok. Jeszcze raz wielkie dzięki.
pozdrawiam i polecam sie na przyszłość;-)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.