x-kom hosting

Wirus?

skate02000
utworzono
utworzono

Ostatnio komputer zaczął wolniej chodzić. Zrobiłem pełny skan w Malwarebytes, ale nic nie wykazał. Proszę o sprawdzenie logów.

[log]
OTL logfile created on: 2009-11-10 21:40:41 - Run 2
OTL by OldTimer - Version 3.1.4.0 Folder = E:\
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,35% Memory free
3,85 Gb Paging File | 3,03 Gb Available in Paging File | 78,73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 0,36 Gb Free Space | 1,86% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 21,62 Gb Free Space | 22,14% Space Free | Partition Type: NTFS
Drive E: | 115,69 Gb Total Space | 8,71 Gb Free Space | 7,53% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-B837C6C20
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-10 15:35:31 | 00,528,896 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2009-11-10 14:29:30 | 07,138,304 | ---- | M] (Creative Team S.A.) -- D:\AQQ\AQQ.exe
PRC - [2009-10-29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- D:\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009-10-24 09:38:08 | 02,010,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009-10-19 15:50:14 | 00,832,296 | ---- | M] (Opera Software) -- D:\Opera\opera.exe
PRC - [2009-10-16 14:23:31 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009-10-16 14:23:31 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009-10-16 14:23:31 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009-10-16 14:23:31 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009-10-16 14:23:28 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009-08-07 13:23:57 | 00,189,104 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2009-07-20 11:51:52 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-05-16 12:01:20 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-04-30 12:31:12 | 17,881,088 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-03-05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-10-25 12:56:23 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008-05-02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008-05-02 02:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- D:\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2005-03-23 15:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
PRC - [2005-03-23 15:24:34 | 02,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
PRC - [2005-03-23 15:24:34 | 02,899,968 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
PRC - [2003-06-19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-10 15:35:31 | 00,528,896 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2009-07-12 00:12:06 | 00,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008-05-02 02:42:50 | 00,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008-05-02 02:38:54 | 00,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2008-04-14 18:20:31 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 17:59:08 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-10-29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- D:\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009-10-16 14:23:28 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009-08-07 13:23:57 | 00,189,104 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-07-20 11:51:52 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-05-16 12:01:20 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-03-15 15:35:21 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-02-09 13:18:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-10-25 12:56:23 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-05-02 02:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008-04-14 18:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008-04-14 18:19:53 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\6to4svc.dll -- (6to4)
SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- D:\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-03-23 15:27:18 | 01,941,504 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4)
SRV - [2005-02-09 11:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003-06-19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-10 19:24:34 | 00,025,616 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\temp\RUD60D.tmp -- (GarenaPEngine)
DRV - [2009-10-24 09:38:07 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-10-16 14:23:43 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-10-16 14:23:43 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-08-30 09:07:02 | 00,281,760 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-08-30 09:07:02 | 00,025,888 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-05-04 16:22:54 | 05,075,968 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009-04-11 12:20:58 | 00,033,824 | ---- | M] () -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-02-17 15:37:11 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-02-09 13:18:00 | 06,307,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-12-24 10:45:41 | 00,004,484 | ---- | M] () -- C:\WINDOWS\system32\drivers\cpuidlep.sys -- (cpuidlep)
DRV - [2008-10-27 19:32:50 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008-08-05 19:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-06-20 12:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008-04-13 19:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008-04-13 19:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008-04-13 19:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-03-21 21:30:04 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-03-20 15:39:04 | 00,021,672 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008-03-20 15:39:04 | 00,013,352 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-02-29 03:13:46 | 00,028,944 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008-02-29 03:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008-02-29 03:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008-02-29 03:12:48 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007-11-13 11:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-09-21 03:10:54 | 00,078,992 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007-09-21 03:10:26 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007-07-04 15:27:24 | 00,065,604 | ---- | M] () -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD)
DRV - [2007-01-04 09:07:00 | 00,171,520 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006-12-01 14:23:58 | 00,392,122 | ---- | M] (Vimicro Corporation) -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
DRV - [2006-11-22 07:01:00 | 00,250,496 | ---- | M] (Marvell) -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006-04-25 10:57:42 | 00,428,160 | ---- | M] (Vimicro Corporation) -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006-01-04 14:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-03-21 14:39:16 | 00,270,336 | ---- | M] (Kerio Technologies) -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
IE - HKU\S-1-5-21-484763869-606747145-839522115-1004\S-1-5-21-484763869-606747145-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-606747145-839522115-1004\S-1-5-21-484763869-606747145-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "wp.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.696
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.29
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
FF - prefs.js..extensions.enabledItems: {04426594-bce6-4705-b811-bcdba2fd9c7b}:0.92
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:3.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.01
FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.2
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 8
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090918
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..extensions.enabledItems: {a78f0ac6-753b-491b-9021-cd2aec3502d9}:3.5
FF - prefs.js..network.proxy.http: "62.87.244.34"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-03 07:03:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009-10-24 14:22:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-07 18:50:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-07 18:50:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-10-13 22:00:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009-06-30 11:56:35 | 00,000,000 | ---D | M]

[2009-04-11 16:00:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2009-04-11 16:00:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2009-02-25 20:35:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-11-09 19:52:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions
[2009-05-08 13:51:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}
[2009-10-04 15:23:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-05-27 15:23:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009-10-28 22:20:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2009-10-04 15:23:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009-10-04 15:23:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009-07-17 11:53:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{a78f0ac6-753b-491b-9021-cd2aec3502d9}
[2009-08-04 14:12:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2009-08-14 18:25:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-08-12 15:52:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009-08-04 14:12:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009-10-04 15:22:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009-08-28 14:55:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2009-08-28 14:55:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}-trash
[2009-10-04 15:23:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009-09-03 07:04:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009-08-04 14:12:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009-10-04 15:23:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\firebug@software.joehewitt.com
[2009-09-27 18:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\firefox@tvunetworks.com
[2009-10-04 15:23:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\kosa@kallout.com
[2009-09-08 14:54:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\sharing@addons.mozilla.org
[2009-05-03 19:55:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\extensions\zrzuta@klachoo.net
[2009-05-03 19:55:11 | 00,001,972 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\searchplugins\wrzuta.xml
[2009-11-07 19:13:24 | 00,001,264 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\lpiyfg3x.default\searchplugins\zgapa---wypracowania.xml
[2009-11-09 19:03:39 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-11-07 18:50:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-08-24 09:16:37 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-06-22 14:08:12 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-11-07 18:50:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-11-07 18:50:26 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009-05-01 22:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007-04-10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009-07-25 04:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009-05-12 19:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009-05-18 23:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009-05-25 14:58:53 | 00,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2009-11-07 18:50:27 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007-03-22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008-10-14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009-05-30 12:41:51 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009-05-30 12:41:51 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009-05-30 12:41:51 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009-05-30 12:41:51 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009-05-30 12:41:52 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009-05-30 12:41:52 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009-05-30 12:41:52 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009-05-01 22:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009-10-28 22:15:22 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-10-28 22:15:22 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-28 22:15:22 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-10-28 22:15:22 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-10-28 22:15:22 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-10-28 22:15:22 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-10-28 22:15:22 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (346444 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11904 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DWABrowserHlprObj Class) - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\WINDOWS\system32\dwabho.dll (IBM Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\admin\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-484763869-606747145-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-484763869-606747145-839522115-1004..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-484763869-606747145-839522115-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-484763869-606747145-839522115-1004\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} https://webmail.strazgraniczna.pl/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-27 21:07:38 | 00,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d849ea2b-30f9-11de-a6de-00508dbd4395}\Shell - "" = Autorun
O33 - MountPoints2\{d849ea2b-30f9-11de-a6de-00508dbd4395}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 18:21:39 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{f364fe6c-1001-11de-a62b-00508dbd4395}\Shell - "" = AutoRun
O33 - MountPoints2\{f364fe6c-1001-11de-a62b-00508dbd4395}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-10 17:26:02 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent
[2009-11-10 15:41:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2009-11-10 15:40:54 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-11-10 15:40:53 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-11-10 15:40:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-10-31 10:28:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\javame-sdk
[2009-10-31 10:26:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\.m2
[2009-10-31 10:26:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\.netbeans-derby
[2009-10-31 10:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\.netbeans-registration
[2009-10-31 10:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\.netbeans
[2009-10-31 10:24:31 | 00,000,000 | ---D | C] -- C:\Program Files\sges-v3-prelude
[2009-10-31 10:23:03 | 00,000,000 | ---D | C] -- C:\Sun
[2009-10-31 10:16:50 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2009-10-31 00:00:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\GetRightToGo
[2009-10-30 23:58:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\.jarExplorer
[2009-10-30 23:55:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie
[2009-10-30 23:50:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ArmDic
[2009-10-29 21:22:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\w980_for_K850_beta_3_by_Luhcass_(loud)
[2009-10-28 08:34:48 | 00,000,000 | ---D | C] -- C:\Program Files\CS
[2009-10-26 17:12:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Nero
[2009-10-26 17:06:15 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2009-10-26 17:06:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2009-10-26 17:06:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2009-10-26 15:10:30 | 00,000,000 | ---D | C] -- C:\Spybot - Search & Destroy
[2009-10-16 14:23:57 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009-10-16 14:23:47 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009-10-16 14:23:46 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009-10-16 14:23:43 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009-10-16 14:23:43 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009-10-16 14:23:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009-10-16 14:23:26 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009-10-16 14:23:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-10-14 09:37:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-10 15:40:59 | 00,000,474 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-10 15:39:03 | 00,000,408 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\AQQ.lnk
[2009-11-10 15:30:13 | 00,206,323 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-10 15:30:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-10 15:29:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-10 14:50:39 | 13,631,488 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2009-11-10 14:38:36 | 00,466,964 | ---- | M] () -- C:\WINDOWS\System32\prfh0415.dat
[2009-11-10 14:38:36 | 00,443,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-10 14:38:36 | 00,082,840 | ---- | M] () -- C:\WINDOWS\System32\prfc0415.dat
[2009-11-10 14:38:36 | 00,071,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-11-09 23:15:17 | 00,000,292 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2009-11-09 23:15:07 | 05,826,562 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-09 21:58:34 | 01,556,085 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\DSC03261.JPG
[2009-11-09 20:43:05 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-11-09 20:42:31 | 00,000,265 | RHS- | M] () -- C:\boot.ini
[2009-11-09 20:36:12 | 02,271,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-09 20:07:30 | 00,001,099 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-11-09 20:07:30 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-09 20:03:19 | 00,054,720 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-09 15:31:12 | 44,834,641 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-11-09 15:30:54 | 00,087,129 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-11-08 15:27:18 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-08 15:26:20 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-11-08 14:03:04 | 00,000,475 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Filmpex Cinema Player.lnk
[2009-11-06 18:55:30 | 00,222,208 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-05 15:46:11 | 00,525,294 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-05 15:46:11 | 00,099,234 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-05 15:45:33 | 00,000,011 | R--- | M] () -- C:\WINDOWS\amunres.lsl
[2009-11-02 22:36:03 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\dokumenty.lnk
[2009-11-01 15:41:21 | 00,000,711 | ---- | M] () -- C:\WINDOWS\M3JPEG.INI
[2009-10-31 15:08:44 | 00,001,975 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DJ Java Decompiler 3.9.lnk
[2009-10-31 10:24:29 | 00,000,120 | ---- | M] () -- C:\Documents and Settings\admin\.asadminpass
[2009-10-31 10:24:17 | 00,000,807 | ---- | M] () -- C:\Documents and Settings\admin\.asadmintruststore
[2009-10-31 10:19:31 | 00,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NetBeans IDE 6.7.1.lnk
[2009-10-31 10:16:25 | 01,187,354 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-10-29 15:30:53 | 00,000,410 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2009-10-28 14:42:53 | 19,421,476 | ---- | M] () -- C:\WINDOWS\System32\crashlog.tar.gz
[2009-10-28 08:50:35 | 00,000,863 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009-10-26 17:06:37 | 00,002,351 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2009-10-25 19:18:26 | 00,105,703 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\zad3.jpg
[2009-10-24 20:09:06 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Spybot - Search & Destroy.lnk
[2009-10-24 20:01:16 | 00,346,444 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009-10-24 17:50:39 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-10-24 09:38:07 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009-10-18 14:29:40 | 00,002,855 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Skrót do Turbo Pascal.pif
[2009-10-16 14:23:47 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009-10-16 14:23:47 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk
[2009-10-16 14:23:43 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009-10-16 14:23:43 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009-10-16 14:23:43 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009-10-16 14:23:37 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009-10-16 14:23:37 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-10-16 12:44:56 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-10 15:40:59 | 00,000,474 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-09 22:00:42 | 01,556,085 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\DSC03261.JPG
[2009-11-08 14:03:04 | 00,000,475 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Filmpex Cinema Player.lnk
[2009-11-05 15:45:33 | 00,000,011 | R--- | C] () -- C:\WINDOWS\amunres.lsl
[2009-11-02 22:36:03 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\dokumenty.lnk
[2009-10-31 10:24:29 | 00,000,120 | ---- | C] () -- C:\Documents and Settings\admin\.asadminpass
[2009-10-31 10:24:17 | 00,000,807 | ---- | C] () -- C:\Documents and Settings\admin\.asadmintruststore
[2009-10-31 10:19:31 | 00,000,658 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NetBeans IDE 6.7.1.lnk
[2009-10-31 00:01:38 | 00,001,975 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DJ Java Decompiler 3.9.lnk
[2009-10-28 14:42:48 | 19,421,476 | ---- | C] () -- C:\WINDOWS\System32\crashlog.tar.gz
[2009-10-28 08:50:32 | 00,000,863 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-10-26 17:06:37 | 00,002,351 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2009-10-25 19:18:26 | 00,105,703 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\zad3.jpg
[2009-10-18 14:29:40 | 00,002,855 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Skrót do Turbo Pascal.pif
[2009-10-16 14:23:47 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk
[2009-10-16 14:23:43 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009-10-16 14:23:37 | 44,834,641 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009-10-16 14:23:37 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009-10-16 14:23:37 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009-10-16 14:23:37 | 00,087,129 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009-07-26 12:32:14 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-26 12:31:35 | 00,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2009-07-26 12:31:04 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2009-07-26 12:28:50 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009-07-26 12:28:45 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009-07-26 11:06:24 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-26 11:06:21 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-26 11:06:20 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-07-26 11:06:20 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-06-04 19:44:31 | 00,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2009-02-14 10:11:01 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-02-14 10:11:01 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-02-08 20:24:39 | 00,000,055 | ---- | C] () -- C:\WINDOWS\videotoaudio.ini
[2009-01-19 20:26:54 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009-01-19 20:26:54 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2009-01-19 20:26:54 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009-01-19 20:26:54 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009-01-11 15:27:51 | 05,826,562 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2008-12-24 10:45:41 | 00,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2008-10-31 19:35:37 | 00,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2008-10-31 19:35:37 | 00,000,491 | ---- | C] () -- C:\WINDOWS\Instit.ini
[2008-10-08 15:23:18 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-08-26 17:15:28 | 00,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys
[2008-08-26 17:06:19 | 00,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys
[2008-07-15 20:36:05 | 00,000,087 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2008-07-15 20:35:59 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaw7.dll
[2008-07-15 20:35:59 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaa6.dll
[2008-07-15 20:35:59 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\mplam6.dll
[2008-07-15 20:35:59 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-07-05 21:55:51 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2008-07-05 21:55:37 | 00,046,592 | ---- | C] () -- C:\WINDOWS\System32\shellses.dll
[2008-07-05 21:54:30 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008-06-28 09:47:35 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2008-06-27 21:19:25 | 00,000,024 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\__FileUploader.log
[2008-06-27 21:09:40 | 00,000,130 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2008-06-27 21:07:37 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2008-06-27 21:07:37 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2008-06-27 21:07:37 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2008-06-27 21:07:37 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2008-06-27 21:07:37 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2008-06-19 11:12:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2008-05-31 20:09:03 | 00,222,208 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-05-30 17:50:18 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-05-30 13:40:10 | 00,000,040 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2008-05-18 17:13:04 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-05-09 00:12:48 | 00,139,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-05-09 00:12:48 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PnkBstrK.sys
[2008-05-09 00:01:27 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2008-05-08 22:36:27 | 00,352,256 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2008-05-08 22:36:27 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2008-05-08 22:36:27 | 00,000,711 | ---- | C] () -- C:\WINDOWS\M3JPEG.INI
[2008-05-08 22:36:26 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008-05-08 22:36:26 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
[2008-05-08 22:36:26 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008-05-08 22:16:50 | 00,054,720 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-05-08 22:16:27 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2008-05-08 19:03:54 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-05-04 17:08:49 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL
[2007-12-04 18:41:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-12-04 18:41:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-12-04 18:41:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-12-04 18:41:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-12-04 18:41:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-06-29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006-06-29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-04-18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-03-02 13:00:00 | 00,001,099 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 13:00:00 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-01-09 16:47:56 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll
[2003-04-08 10:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000-07-22 15:49:46 | 00,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[1996-04-03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-02-08 14:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Aleo Software
[2009-11-08 15:28:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\BitTorrent
[2009-04-11 16:00:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Broad Intelligence
[2008-10-20 09:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Cool Record Edit Pro
[2009-06-05 13:31:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Cream Software
[2008-05-30 17:50:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DAEMON Tools
[2008-12-26 18:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\DNA
[2008-05-17 09:48:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Documents and Settings
[2009-08-12 09:38:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\EurekaLog
[2009-11-05 21:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\FileZilla
[2009-10-04 00:29:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\foobar2000
[2009-06-02 14:38:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Foxit
[2008-10-20 09:07:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Free Sound Recorder
[2009-09-04 13:07:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\fretsonfire
[2008-05-08 19:22:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2009-01-09 19:54:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\GanymedeNet
[2009-10-31 00:01:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\GetRightToGo
[2008-12-06 18:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ipla
[2009-02-07 18:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IrfanView
[2008-11-06 15:22:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Leadertech
[2009-01-19 10:00:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Lingoes
[2009-02-10 07:35:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Moje pliki Bitwy o Śródziemie™ II
[2009-05-04 21:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mumble
[2009-02-09 18:22:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Nowe Gadu-Gadu
[2008-12-12 16:20:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Opera
[2009-10-19 21:52:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\proDAD
[2009-01-10 19:52:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Publish Providers
[2009-06-17 19:12:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Qrix
[2009-02-16 11:45:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software
[2009-01-10 19:52:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Sony
[2008-08-27 09:50:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Thunderbird
[2009-05-31 18:55:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Tibia
[2009-08-30 09:08:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Ubisoft
[2008-10-17 12:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Ulead Systems
[2009-01-11 15:01:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ViStart
[2009-01-11 15:55:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Windows Search
[2009-10-21 21:40:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-10-03 14:02:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2008-12-06 18:57:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-10-06 19:45:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2008-06-27 21:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2008-06-27 21:12:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio
[2008-12-29 20:19:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SecTaskMan
[2009-08-26 09:43:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-08-14 12:38:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-10-27 11:57:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2006-03-02 13:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-11-10 15:30:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:408F95E5
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:2AD56BE7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9
< End of report >

[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE File not found
O4 - HKU\S-1-5-21-484763869-606747145-839522115-1004..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe File not found
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O33 - MountPoints2\{d849ea2b-30f9-11de-a6de-00508dbd4395}\Shell - "" = Autorun
O33 - MountPoints2\{d849ea2b-30f9-11de-a6de-00508dbd4395}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 18:21:39 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{f364fe6c-1001-11de-a62b-00508dbd4395}\Shell - "" = AutoRun
O33 - MountPoints2\{f364fe6c-1001-11de-a62b-00508dbd4395}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

Wykonaj optymalizację: http://www.forumpc.pl/index.php?showtopic=17478

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.