jarek1994-1994
created 12 October 2009

Please check my logs:

[log] OTL logfile created on: 2009-10-12 16:54:01 - Run 1 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 62,50% Memory free 2,11 Gb Paging File | 1,68 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 52,88 Gb Free Space | 54,15% Space Free | Partition Type: NTFS Drive D: | 51,39 Gb Total Space | 15,31 Gb Free Space | 29,79% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SPEED2 Current User Name: Administrator Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-12 16:53:09 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2009-09-11 19:28:01 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-05-14 15:47:08 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-04-10 19:30:40 | 01,435,488 | ---- | M] (Nullsoft) -- C:\Program Files\winamp\winamp.exe PRC - [2009-04-05 13:38:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-07-22 15:33:38 | 00,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe PRC - [2008-07-22 15:25:05 | 01,528,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-12-05 03:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2007-09-05 12:20:12 | 00,036,352 | ---- | M] (VisualTaskTips.com) -- C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe PRC - [2007-07-24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-05-11 03:09:48 | 01,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe PRC - [2007-05-11 03:08:54 | 02,512,392 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodtray.exe PRC - [2007-04-16 22:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2006-03-04 18:40:30 | 00,882,176 | ---- | M] () -- C:\Programy\Kalendarz XP\Kalendarz.exe PRC - [2005-08-18 01:00:00 | 01,434,112 | ---- | M] (Lavalys, Inc.) 
-- C:\Programy\EVEREST Home Edition\everest.bin PRC - [2005-07-08 18:24:46 | 00,871,424 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe PRC - [2005-01-19 12:05:48 | 00,221,184 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\System32\LVCOMSX.EXE [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped]) SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped]) SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running]) SRV - [2009-04-05 13:38:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2008-07-22 15:30:47 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset [Auto | Stopped]) SRV - [2008-07-22 13:38:03 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2007-12-05 03:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2007-08-24 07:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2007-08-24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2007-07-24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) 
-- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2 [Auto | Running]) SRV - [2007-05-11 03:09:48 | 01,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\System32\oodag.exe -- (O&O Defrag [Auto | Running]) SRV - [2007-04-13 03:21:18 | 00,068,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2007-04-13 03:20:52 | 00,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2005-07-08 18:24:46 | 00,871,424 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-22 20:25:00 | 00,009,088 | ---- | M] () -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32 [On_Demand | Stopped]) DRV - [2009-06-09 16:04:29 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running]) DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running]) DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running]) DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running]) DRV - [2009-03-19 14:48:18 | 00,136,704 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped]) DRV - [2009-03-14 11:35:46 | 00,024,616 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- 
(ggsemc [On_Demand | Stopped]) DRV - [2009-03-14 11:35:46 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped]) DRV - [2009-02-09 08:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped]) DRV - [2009-02-09 08:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped]) DRV - [2009-01-21 18:03:55 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-07-22 18:19:34 | 00,046,464 | ---- | M] (Silicon Integrated Systems) -- C:\WINDOWS\System32\drivers\SISRAID.sys -- (SISRAID [Boot | Stopped]) DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008-01-24 23:36:16 | 04,127,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2007-12-05 03:41:00 | 07,435,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2007-05-11 04:10:50 | 00,034,704 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running]) DRV - [2007-05-09 02:59:40 | 00,036,496 | ---- | M] (IVT Corporation.) 
-- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped]) DRV - [2007-05-02 11:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped]) DRV - [2007-05-02 11:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped]) DRV - [2007-05-02 11:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped]) DRV - [2007-03-05 07:00:04 | 00,027,792 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio [On_Demand | Running]) DRV - [2007-03-05 06:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Stopped]) DRV - [2007-03-05 06:57:14 | 00,019,472 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\drivers\VHIDMini.sys -- (VHidMinidrv [On_Demand | Stopped]) DRV - [2007-03-05 06:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running]) DRV - [2007-03-05 06:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum [Boot | Running]) DRV - [2007-03-05 06:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running]) DRV - [2007-03-05 06:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running]) DRV - [2006-11-21 23:41:18 | 00,022,416 | ---- | M] (IVT Corporation.) 
-- C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys -- (BTNetFilter [On_Demand | Stopped]) DRV - [2006-11-10 15:08:50 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ATITool.sys -- (ATITool [System | Running]) DRV - [2006-07-12 11:58:02 | 00,028,672 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm [System | Running]) DRV - [2006-06-19 05:37:34 | 00,036,864 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2006-02-14 16:02:56 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\DRIVERS\sisnicxp.sys -- (SISNICXP [On_Demand | Running]) DRV - [2005-11-03 16:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running]) DRV - [2005-08-18 01:00:00 | 00,007,168 | ---- | M] () -- C:\Programy\EVEREST Home Edition\kerneld.wnt -- (EverestDriver [On_Demand | Running]) DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-07-08 18:17:54 | 00,099,584 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running]) DRV - [2005-07-08 18:17:36 | 00,029,696 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [System | Running]) DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2005-01-19 21:14:38 | 00,211,712 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped]) DRV - [2005-01-19 21:11:16 | 00,022,016 | R--- | M] (Labtec Inc.) 
-- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Stopped]) DRV - [2001-12-19 12:45:00 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\System\CPL Bonus\Vcdrom.sys -- (vcdrom [System | Running]) DRV - [2001-08-23 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2001-08-23 14:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - 
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/ IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. 
File not found IE - HKU\S-1-5-21-1957994488-73586283-1801674531-500\S-1-5-21-1957994488-73586283-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.4.0.464 FF - prefs.js..extensions.enabledItems: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}:2.0.0.66311 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-08-03 16:06:33 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 20:55:37 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-11 19:28:16 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-01-31 11:34:07 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-01-21 16:26:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions [2009-01-21 
16:26:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-10-11 20:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ftx8gyhz.default\extensions [2009-06-10 15:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\ftx8gyhz.default\extensions\toolbar@ask.com [2009-01-21 18:07:05 | 00,000,523 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\FireFox\Profiles\ftx8gyhz.default\searchplugins\daemon-search.xml [2009-10-12 16:17:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-11 19:28:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-01-22 16:32:37 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-01-21 15:04:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2009-04-05 13:39:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-07-19 16:19:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [2009-09-11 19:27:59 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-11 19:27:59 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-04-05 13:38:55 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-01-22 16:20:22 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll [2009-09-11 19:28:02 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2007-03-22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2009-06-24 14:27:26 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-06-24 14:27:26 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-06-24 14:27:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-06-24 14:27:26 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-06-24 14:27:26 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-06-24 14:27:26 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-06-24 14:27:26 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found. O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE (Labtec Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\System32\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) 
O4 - HKU\.DEFAULT..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-18..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-19..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-20..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-21-1957994488-73586283-1801674531-500..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - 
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - 
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - 
HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKU\.DEFAULT\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-19\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. 
O15 - HKU\S-1-5-20\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-20\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole 
DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-01-21 14:58:55 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{16f6eff8-189e-11de-a663-001167993afa}\Shell\AutoRun\command - "" = F:\l2f.cmd -- File not found O33 - MountPoints2\{16f6eff8-189e-11de-a663-001167993afa}\Shell\explore\Command - "" = F:\l2f.cmd -- 
File not found O33 - MountPoints2\{16f6eff8-189e-11de-a663-001167993afa}\Shell\open\Command - "" = F:\l2f.cmd -- File not found O33 - MountPoints2\{8b9411da-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun O33 - MountPoints2\{8b9411da-923b-11de-a25e-001167993afa}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{8b9411dc-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun O33 - MountPoints2\{8b9411dc-923b-11de-a25e-001167993afa}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{8b9411dd-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun O33 - MountPoints2\{8b9411dd-923b-11de-a25e-001167993afa}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH) O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-04 13:44:15 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys [2009-10-11 21:19:25 | 00,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition [2009-10-12 16:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy [2009-10-12 16:52:46 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2009-10-11 14:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\2009_10_11 [2009-10-10 13:51:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Quickoffice.Adobe.Reader.LE.v2.5.131.S60v3.SymbianOS9.1.Unsigned.Cracked.Read.NFO-illusion [2009-10-09 15:04:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\2009_10_09 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [1 C:\WINDOWS\*.tmp files] [2009-10-12 16:53:09 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2009-10-12 16:47:13 | 00,001,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\xp-AntiSpy.lnk [2009-10-12 16:47:00 | 00,355,709 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\xp-AntiSpy_setup-polish.exe [2009-10-12 16:15:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-12 16:15:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-12 16:15:16 | 01,694,565 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2009-10-12 15:42:54 | 06,481,766 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-12 07:01:00 | 00,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2009-10-11 21:18:45 | 02,676,777 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Rivatuner224c(dobreprogramy.pl).zip [2009-10-11 15:10:39 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\toca.doc [2009-10-10 12:55:15 | 00,688,750 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Lonely.Cat.Games.Jukebox.v2.30.S60v3.SymbianOS9.1.Incl.Keygen-TSRh.rar [2009-10-10 11:36:10 | 00,000,623 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\BMW M3 Challenge.lnk [2009-10-10 08:28:57 | 00,020,225 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\rFactor_[PL]_[ rar]_ _Dodatki[Torrenty.org].torrent [2009-10-09 19:38:59 | 00,002,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\F1 Challenge 2007.lnk [2009-10-07 17:44:58 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-10-07 16:44:06 | 27,166,303 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Nowy_Archiwum_WinRAR-a__ZIP_.zip 
[2009-10-07 16:33:48 | 05,671,874 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Clubland X-Treme Hardcore 5.rar [2009-10-07 16:17:05 | 10,927,4445 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Energy 2000 Mix Vol. 17.rar [2009-10-05 18:38:13 | 03,776,352 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\rusek.jpg [2009-10-04 13:44:45 | 00,000,808 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\EVEREST Corporate Edition.lnk [2009-10-03 12:58:40 | 00,001,648 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2 University.lnk [2009-10-03 09:48:51 | 00,001,743 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Osiedlowe życie.lnk [2009-10-03 09:42:18 | 00,001,864 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Młodzieżowy styl Akcesoria.lnk [2009-10-03 09:35:43 | 00,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Cztery pory roku.lnk [2009-10-02 16:48:53 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-09-28 18:20:22 | 00,011,776 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Oceny na semestr.wdb [2009-09-28 18:20:22 | 00,000,510 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\wklnhst.dat [2009-09-28 18:13:28 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-27 17:16:49 | 00,008,704 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Oceny na semestr.wps [2009-09-21 19:02:00 | 00,071,360 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-21 19:00:00 | 01,140,770 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\skanuj0002.jpg [2009-09-21 18:54:38 | 01,108,147 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\skanuj0001.jpg [color=#E56717]========== 
Files - No Company Name ==========[/color] [2009-10-12 16:47:13 | 00,001,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\xp-AntiSpy.lnk [2009-10-12 16:46:57 | 00,355,709 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\xp-AntiSpy_setup-polish.exe [2009-10-11 21:18:25 | 02,676,777 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Rivatuner224c(dobreprogramy.pl).zip [2009-10-11 15:10:39 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\toca.doc [2009-10-10 12:55:14 | 00,688,750 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Lonely.Cat.Games.Jukebox.v2.30.S60v3.SymbianOS9.1.Incl.Keygen-TSRh.rar [2009-10-10 11:36:10 | 00,000,623 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\BMW M3 Challenge.lnk [2009-10-10 08:28:55 | 00,020,225 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\rFactor_[PL]_[ rar]_ _Dodatki[Torrenty.org].torrent [2009-10-07 16:33:01 | 05,671,874 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Clubland X-Treme Hardcore 5.rar [2009-10-07 16:28:52 | 27,166,303 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Nowy_Archiwum_WinRAR-a__ZIP_.zip [2009-10-07 16:02:44 | 10,927,4445 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Energy 2000 Mix Vol. 
17.rar [2009-10-05 18:33:49 | 03,776,352 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\rusek.jpg [2009-10-04 13:44:45 | 00,000,808 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\EVEREST Corporate Edition.lnk [2009-10-03 12:50:44 | 00,001,648 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2 University.lnk [2009-10-03 09:48:51 | 00,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Osiedlowe życie.lnk [2009-10-03 09:42:18 | 00,001,864 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Młodzieżowy styl Akcesoria.lnk [2009-10-03 09:35:43 | 00,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Cztery pory roku.lnk [2009-09-27 17:16:13 | 00,008,704 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Oceny na semestr.wps [2009-09-27 16:48:09 | 00,011,776 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Oceny na semestr.wdb [2009-09-21 18:58:34 | 01,140,770 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\skanuj0002.jpg [2009-09-21 18:53:17 | 01,108,147 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\skanuj0001.jpg [2009-08-26 11:28:04 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-08-25 09:47:45 | 00,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2009-08-25 09:47:45 | 00,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1CBC6D3E8A.sys [2009-06-20 17:15:23 | 00,000,292 | ---- | C] () -- C:\WINDOWS\game.ini [2009-06-09 16:06:27 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-06-09 15:55:35 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-05-30 21:16:40 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-03-17 17:29:24 | 00,034,308 | ---- | C] () -- 
C:\WINDOWS\System32\BASSMOD.dll [2009-03-10 17:11:04 | 00,000,510 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\wklnhst.dat [2009-02-11 17:21:37 | 00,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe [2009-01-23 19:41:44 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-01-23 18:00:47 | 00,071,360 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-01-21 18:03:55 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-01-21 17:04:43 | 00,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2009-01-21 16:03:42 | 06,481,766 | -H-- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-01-21 15:22:26 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-21 15:22:26 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-21 15:22:26 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-21 15:22:26 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-01-21 15:19:08 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-01-21 15:16:16 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2009-01-21 15:11:34 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2009-01-21 15:06:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini [2009-01-21 14:52:50 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2009-01-21 14:52:49 | 00,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007-07-23 09:03:30 | 
00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2006-11-10 15:08:50 | 00,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys [2001-08-23 14:00:00 | 00,000,983 | ---- | C] () -- C:\WINDOWS\win.ini [2001-08-23 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [1999-01-27 14:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll [1997-06-13 08:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll [color=#E56717]========== LOP Check ==========[/color] [2009-09-28 18:20:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji [2009-03-15 15:48:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Canon [2009-08-25 09:47:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Corel [2009-02-08 11:49:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Cream Software [2009-01-21 18:07:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools [2009-01-21 18:10:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2009-08-11 14:09:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro [2009-08-26 17:26:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Dev-Cpp [2009-04-05 14:05:47 | 00,000,000 | ---D | M] -- C:\Documents and 
Settings\Administrator\Dane aplikacji\FarmingSimulator2008 [2009-01-21 17:14:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2009-03-15 15:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2009-01-23 17:31:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mp3DirectCut [2009-08-26 17:27:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\NCH Swift Sound [2009-08-03 16:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia [2009-02-13 21:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Notepad++ [2009-08-02 21:10:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu [2009-08-02 21:13:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM [2009-08-03 16:09:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PC Suite [2009-06-09 16:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung [2009-03-11 20:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Template [2009-01-31 11:34:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thunderbird [2009-01-21 15:04:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\URSoft [2009-10-10 08:45:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2009-01-21 14:55:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Xentient [2009-08-26 17:46:36 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-03-17 16:49:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2009-01-21 16:55:50 | 
00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2009-08-24 21:34:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Corel [2009-01-21 18:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-08-26 17:46:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-08-03 16:04:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-09-23 17:25:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-08-03 16:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-10-10 11:34:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-01-21 15:04:57 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-01-21 15:04:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Notepad++ [2009-01-21 15:04:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\URSoft [2009-01-21 14:53:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\uTorrent [2009-01-21 14:55:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Xentient [2009-01-21 15:08:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-01-21 15:06:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-08-23 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-12 16:15:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-10-12 07:01:00 | 00,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] 
@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log] And one more thing. In my processes I have as many as 3 processes labelled svchost.exe. What is that? Two of them are from the system, and one is from the network service. Isn't that suspicious by any chance? Regards.
Psycholandia commented 12 October 2009

1. http://support.microsoft.com/kb/314056/pl

2. Paste the script below into the OTL window and click Run Fix:

[code]
:Processes
explorer.exe
:OTL
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-1957994488-73586283-1801674531-500\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O33 - MountPoints2\{8b9411da-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun
O33 - MountPoints2\{8b9411dc-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun
O33 - MountPoints2\{8b9411dd-923b-11de-a25e-001167993afa}\Shell - "" = AutoRun
:Files
C:\Documents and Settings\All Users\Dane aplikacji\1CBC6D3E8A.sys
C:\Program Files\MyGlobalSearch
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

3. Open Notepad and paste the following text into it:

[code]
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]

Save as -> choose [b]All files[/b] -> type [b]Fix.reg[/b] -> then click the saved file and restart the computer.

4. Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the Malware log).
jarek1994-1994 (Author) commented 12 October 2009 (edited)

[quote] 3. Open Notepad and paste the following text into it:

[code]
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]

Save as -> choose [b]All files[/b] -> type [b]Fix.reg[/b] -> [b]then click the saved file[/b] and restart the computer. [/quote]

So that means I should run it. Right?
MarekM25 commented 12 October 2009

You need to open Notepad, paste the text in and save it accordingly. I don't understand what it is you don't understand.
Psycholandia commented 12 October 2009

Once you have saved the file, click YES in the window that pops up.
jarek1994-1994 (Author) commented 13 October 2009

Here is the log after scanning with Malware. [log] Wersja bazy definicji: 2775 Windows 5.1.2600 Dodatek Service Pack 3 2009-10-13 16:45:15 mbam-log-2009-10-13 (16-45-15).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 185606 Upłynęło: 40 minute(s), 9 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 17 Zainfekowane wartości rejestru: 2 Zainfekowane pliki rejestru: 2 Zainfekowane foldery: 0 Zainfekowane pliki: 2 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\myglobalsearchbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\myglobalsearchbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{37b85a2a-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{37b85a2c-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\CLSID\{ef281620-a3a3-4f08-874f-d68cfc9b7945} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{37b85a20-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowane pliki rejestru: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. 
Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: C:\Documents and Settings\Administrator\Pulpit\Jarek\sE TOOL\setool2lt.exe (Malware.Packer.T) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Pulpit\Jarek\sE TOOL\PatchWise.bak\setool2lt.exe (Malware.Packer.T) -> Quarantined and deleted successfully. [/log]
MarekM25 commented 13 October 2009

Well, it looks good. Run OTL and choose CleanUp.
jarek1994-1994 (Author) commented 13 October 2009

Thanks a lot for the help. Regards