aguska1 posted 19 November 2009 (edited) Today the sound on my computer suddenly disappeared. Please check the ComboFix log [log] http://www.wklej.org/id/210573/ [/log]
Psycholandia comment 19 November 2009 [color="#FF0000"][quote]1. To generate a log, use OTListIt2 or Random's System Information Tool. It is also worth posting a log from GMER or DDS. Do not post logs from HiJackThis or Silent Runners. 2. Do not use ComboFix unnecessarily (unless you are explicitly told to). It is a powerful tool with a heavy impact, and used improperly it can have unexpected effects.[/quote][/color] Post a log from OTL: http://www.forumpc.pl/index.php?showtopic=104338
darexD comment 20 November 2009 Maybe the drivers?? Older ones... post your config... did you install anything recently?
Psycholandia comment 20 November 2009 [size="4"][color="#FF0000"]and have you read this: http://www.forumpc.pl/index.php?showtopic=134231 ?[/color][/size]
aguska1 (Author) comment 20 November 2009 (edited)

Computer:
Operating system: Microsoft Windows XP Professional
OS service pack: Service Pack 2
DirectX: 4.09.00.0904 (DirectX 9.0c)
Computer name: ATDOM
User name: admin

Motherboard:
CPU type: AMD Athlon 64, 2200 MHz (11 x 200) 3500+
Motherboard name: Unknown
Motherboard chipset: nVIDIA nForce4, AMD Hammer
Physical memory: 1024 MB (PC3200 DDR SDRAM)
BIOS type: Award (09/13/05)
Communication port: Communications Port (COM1)
Communication port: ECP Printer Port (LPT1)

Display:
Video adapter: GeForce 6800 GT (256 MB)
Video adapter: NVIDIA GeForce 6800 Series GPU (256 MB)
3D accelerator: nVIDIA GeForce 6800 PCI-E Series
Monitor: Plug and Play Monitor [NoDB] (HMEYC02851)

Multimedia:
Sound card: nVIDIA MCP04 - Audio Codec Interface

Yes, 2 weeks ago the power supply was replaced with a 400 W HiPro and an additional 500 GB Seagate SATA hard drive was added; then about 3 days later quek or something like that, an online game, was installed, along with Firefox and MSN. After scanning with avast I removed 6 pieces of malware, and when I wanted to run an additional scan with ArcaBit, the sound disappeared halfway through the scan. Oh, and I also have this problem: after I shut the computer down, it turned itself on.
aguska1 (Author) comment 20 November 2009 [log]OTL logfile created on: 2009-11-19 23:38:00 - Run 1 OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 562,84 Mb Available Physical Memory | 54,99% Memory free 2,40 Gb Paging File | 1,92 Gb Available in Paging File | 79,97% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,52 Gb Total Space | 7,53 Gb Free Space | 38,56% Space Free | Partition Type: FAT32 Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS Drive E: | 117,94 Gb Total Space | 6,62 Gb Free Space | 5,61% Space Free | Partition Type: NTFS Drive F: | 687,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Drive I: | 163,03 Gb Total Space | 151,07 Gb Free Space | 92,67% Space Free | Partition Type: NTFS Computer Name: ATDOM Current User Name: admin Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-08-17 18:07:24 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-08-17 18:07:18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-08-17 17:58:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) 
-- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-05-06 11:28:50 | 01,800,048 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\Update.exe PRC - [2008-04-17 14:19:02 | 01,017,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe PRC - [2008-04-10 15:14:30 | 01,107,848 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe PRC - [2008-04-10 15:14:26 | 00,337,800 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) 
-- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe MOD - [2006-12-21 14:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) 
-- C:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB) SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-08-17 18:07:18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-08-17 18:07:02 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-08-17 18:04:22 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-08-17 17:58:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2008-04-17 14:19:02 | 01,017,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2008-04-10 15:14:26 | 00,337,800 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) 
-- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-08-17 18:06:44 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-08-17 18:05:38 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-08-17 18:04:30 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-08-17 18:03:22 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-02-01 11:55:52 | 00,042,376 | ---- | M] (PCTools Research Pty Ltd.) 
-- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec) DRV - [2007-12-10 13:53:28 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec) DRV - [2007-12-10 13:53:28 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt) DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- 
C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data] IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/ IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/" FF - prefs.js..extensions.enabledItems: 
{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M] [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) 
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel 
present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.) 
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites) O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: 
AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] () O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:21:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022 [2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021 [2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020 [2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019 [2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018 [2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster [2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie [2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla [2009-11-12 14:28:20 | 
00,000,000 | ---D | C] -- C:\FOUND.017 [2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE [2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache [2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp [2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll [2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll [2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll [2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2009-10-30 
14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys [2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe [2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe [2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe [2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe [2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini [2009-11-19 23:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-19 23:19:14 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-11-19 23:18:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-19 23:17:18 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT [2009-11-19 23:16:54 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini [2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- 
C:\WINDOWS\system.ini [2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe [2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-19 10:23:40 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-19 10:23:40 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls [2009-11-18 20:14:54 | 03,181,836 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk [2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-10-25 06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe 
[2009-10-21 22:26:24 | 00,000,010 | ---- | M] () -- C:\Documents and Settings\admin\USB001 [2009-10-21 22:21:14 | 00,424,813 | ---- | M] () -- C:\WINDOWS\System32\ags [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe [2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-10-21 22:21:11 | 00,424,813 | ---- | C] () -- C:\WINDOWS\System32\ags [2009-10-21 21:34:52 | 00,000,010 | ---- | C] () -- C:\Documents and Settings\admin\USB001 [2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log [2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2009-01-24 14:37:15 | 00,003,399 | 
---- | C] () -- C:\WINDOWS\_delis32.ini [2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt [2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log [2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log [2009-01-20 15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt [2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI [2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI [2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll 
[2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll [2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll [2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll [2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll [2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll [2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll [2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll [2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2005-01-01 23:30:18 | 03,181,836 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini [2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- 
C:\WINDOWS\Q3version.ini [2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca [2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom [2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} [2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca [2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu [2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit [2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon [2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings [2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan [2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software [2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium [2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0 [2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom [2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-11-14 12:22:44 
| 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-11-19 23:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log]
Psycholandia commented 20 November 2009
Paste the script below into the OTL window and click Run Fix:
[code]:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()
:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017
:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Open Notepad and paste the following text into it:
[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Save as -> choose [b]All files[/b] (Wszystkie pliki) -> type [b]Fix.reg[/b] -> then click the saved file and restart the computer.
Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware).
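The O32 and O33 lines that the fix script above targets can be pulled out of a flattened OTL log and correlated per drive, as in this added example (not part of the thread and not OTL's own code). The regular expressions follow the line layout visible in the log on this page; the `high`/`low` priority rule, which ranks optical-media file systems low, is an assumption made for this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Entries copied from the OTL log on this page, run together on one line the
# way the forum export shows them.
SAMPLE_LOG = (
    r'O32 - HKLM CDRom: AutoRun - 1 '
    r'O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () '
    r'- C:\AUTOEXEC.BAT -- [ FAT32 ] '
    r'O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () '
    r'- F:\AUTORUN.INF -- [ CDFS ] '
    r'O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell '
    r'- "" = AutoRun '
    r'O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell'
    r'\AutoRun\command - "" = F:\ASUSACPI.exe '
    r'-- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] () '
    r'O34 - HKLM BootExecute: (autocheck) - File not found'
)

# A new entry starts at "O<number> - " preceded by whitespace.
ENTRY_START = re.compile(r'\s+(?=O\d{1,2} - )')
# "[mtime | size | attributes | M] (company)" block printed for a file.
FILE_INFO = (r'\[(?P<mtime>[^|\]]+?) \| (?P<size>[\d,]+) \| (?P<attr>\S{4})'
             r' \| M\] \((?P<company>[^)]*)\)')
O32_FILE = re.compile(r'^O32 - AutoRun File - ' + FILE_INFO +
                      r' - (?P<path>.+?) -- \[ (?P<fs>\w+) \]$')
O33_ENTRY = re.compile(
    r'^O33 - MountPoints2\\(?P<mount>[^\\]+)\\Shell'
    r'(?:\\(?P<verb>[^\\]+)\\command)? - "" = (?P<value>.+?)'
    r'(?: -- ' + FILE_INFO + r')?$')
DRIVE = re.compile(r'[A-Za-z]:')
OPTICAL = {'CDFS', 'UDF'}  # read-only optical file systems


@dataclass
class AutorunFinding:
    mount_point: str            # MountPoints2 subkey (volume GUID or letter)
    verb: str                   # shell verb that owns the command
    command: str                # program cached for that verb
    is_default_verb: bool       # the Shell key's default value names this verb
    company: Optional[str]      # '' = no company name, None = no file details
    autorun_inf: Optional[str]  # O32 AUTORUN.INF found on the same drive
    filesystem: Optional[str]   # file system OTL reported for that file
    priority: str               # 'high' or 'low' (this example's assumption)


def parse_autorun(text: str) -> List[AutorunFinding]:
    """Correlate O33 MountPoints2 commands with O32 AUTORUN.INF files."""
    inf_by_drive, default_verb, commands = {}, {}, []
    for entry in ENTRY_START.split(text.strip()):
        m = O32_FILE.match(entry)
        if m and m['path'].upper().endswith('AUTORUN.INF'):
            inf_by_drive[m['path'][:2].upper()] = (m['path'], m['fs'])
            continue
        m = O33_ENTRY.match(entry)
        if not m:
            continue
        if m['verb'] is None:          # "...\Shell - "" = <verb>"
            default_verb[m['mount']] = m['value']
        else:                          # "...\Shell\<verb>\command - "" = <cmd>"
            commands.append(m)

    findings = []
    for m in commands:
        drive = DRIVE.search(m['value'])
        key = drive.group().upper() if drive else None
        inf, fs = inf_by_drive.get(key, (None, None))
        findings.append(AutorunFinding(
            mount_point=m['mount'],
            verb=m['verb'],
            command=m['value'],
            is_default_verb=default_verb.get(m['mount']) == m['verb'],
            company=m['company'],
            autorun_inf=inf,
            filesystem=fs,
            # Assumption: a command backed by read-only optical media ranks
            # low; a writable or unknown volume is reviewed first.
            priority='low' if fs in OPTICAL else 'high',
        ))
    return findings


if __name__ == '__main__':
    for finding in parse_autorun(SAMPLE_LOG):
        print(finding)
```

On the entries from this thread the single finding is the `F:\ASUSACPI.exe` command, tied to `F:\AUTORUN.INF` on a CDFS volume.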
aguska1 (Author) commented 20 November 2009
Please write out what to do and how, step by step, as if for someone who knows nothing, because I don't know whether I should paste the script into OTL below the log that was generated or replace the log with the script, and where is this Run Fix?
Psycholandia commented 20 November 2009
http://img195.imageshack.us/img195/5658/beztytuulrs.png
Into the [u][b]Custom Scans/Fixes[/b][/u] box you paste:
[code]:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()
:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017
:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Then click Run Fix. It is written in red in the top-left corner. The computer will restart and a new log will be created after the restart.
aguska1 (Author) commented 20 November 2009
this is what popped up after the restart:
[log]All processes killed
Error: Unable to interpret <:Processesexplorer.exe:OTLO32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRunO33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ():FilesC:\FOUND.022C:\FOUND.021C:\FOUND.020C:\FOUND.019C:\FOUND.018C:\FOUND.017:Commands[emptytemp][start explorer][Reboot]> in the current context!
OTL by OldTimer - Version 3.1.6.0 log created on 11202009_235039
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[/log]
maybe I did something wrong :(
aguska1 (Author) commented 21 November 2009
new log:
[log]OTL logfile created on: 2009-11-21 12:26:06 - Run 2 OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 574,15 Mb Available Physical Memory | 56,10% Memory free 2,40 Gb Paging File | 1,96 Gb Available in Paging File | 81,51% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,52 Gb Total Space | 7,33 Gb Free Space | 37,53% Space Free | Partition Type: FAT32 Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS Drive E: | 117,94 Gb Total Space | 6,61 Gb Free Space | 5,60% Space Free | Partition Type: NTFS F: Drive not present or media not loaded Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Drive I: | 163,03 Gb Total Space | 146,90 Gb Free Space | 90,11% Space Free | Partition Type: NTFS Computer Name: ATDOM Current User Name: admin Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-09-22 17:11:32 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\spyware\Spyware Doctor\pctsTray.exe PRC - [2009-09-15 12:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashDisp.exe PRC - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe PRC - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) 
-- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB) SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe -- (avast! Antivirus) SRV - [2009-09-15 12:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-09-15 12:54:14 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashWebSv.exe -- (avast! 
Web Scanner) SRV - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) 
-- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-09-23 16:10:06 | 00,207,280 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2009-09-15 12:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-09-15 12:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-09-15 12:55:20 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-09-15 12:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-09-15 12:54:22 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-09-15 12:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) 
-- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data] IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/ IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/" FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M] [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- 
C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] 
C:\Program Files\Alwil Software\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\spyware\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites) O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. 
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - 
Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-11-21 00:05:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IECompatCache [2009-11-20 23:46:20 | 00,000,000 | ---D | C] -- C:\_OTL [2009-11-20 23:37:24 | 00,229,304 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys 
[2009-11-20 23:37:20 | 00,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys [2009-11-20 23:37:19 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys [2009-11-20 23:37:13 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\PC Tools [2009-11-20 23:23:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes [2009-11-20 23:23:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-11-20 23:23:20 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-11-20 23:23:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-11-20 23:21:30 | 00,000,000 | ---D | C] -- C:\Program Files\malware [2009-11-20 22:36:38 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-20 22:36:38 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-11-20 22:36:38 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-11-20 22:36:38 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-11-20 22:36:38 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-20 22:36:38 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-11-20 22:36:38 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-20 22:36:38 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-11-20 22:36:23 | 
01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-11-20 22:31:02 | 00,000,000 | ---D | C] -- C:\Program Files\spyware [2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022 [2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021 [2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020 [2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019 [2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018 [2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster [2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie [2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla [2009-11-12 14:28:20 | 00,000,000 | ---D | C] -- C:\FOUND.017 [2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE [2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache [2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight 
[2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp [2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll [2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll [2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll [2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys [2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe [2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe 
[2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe [2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe [2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-11-21 12:04:00 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-21 12:04:00 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls [2009-11-21 09:03:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-21 09:03:30 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-11-21 09:03:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-21 00:09:02 | 06,029,312 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT [2009-11-21 00:08:42 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini [2009-11-21 00:03:44 | 00,000,122 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Fix.org [2009-11-20 23:49:34 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-11-20 23:49:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009-11-20 23:37:18 | 00,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk [2009-11-20 23:23:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-11-20 22:36:40 | 00,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-11-20 22:36:40 | 00,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! 
Antivirus.lnk [2009-11-20 19:57:40 | 02,109,648 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini [2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe [2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk [2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-10-25 
06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-21 00:03:42 | 00,000,122 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Fix.org [2009-11-20 23:49:32 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009-11-20 23:49:32 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009-11-20 23:37:24 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat [2009-11-20 23:37:20 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat [2009-11-20 23:37:20 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat [2009-11-20 23:37:17 | 00,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk [2009-11-20 23:37:13 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat [2009-11-20 23:23:24 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-11-20 22:36:38 | 00,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! 
Antivirus.lnk [2009-11-20 22:36:23 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx [2009-11-19 23:38:27 | 00,089,010 | ---- | C] () -- C:\Program Files\OTL.Txt [2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe [2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log [2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2009-01-24 14:37:15 | 00,003,399 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt [2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log [2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log [2009-01-20 
15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt [2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI [2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI [2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll [2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll [2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll [2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll [2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- 
C:\WINDOWS\System32\lnod32apiA.dll [2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll [2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll [2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll [2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2005-01-01 23:30:18 | 02,109,648 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini [2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini [2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane 
aplikacji\Teleca [2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom [2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} [2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca [2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu [2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit [2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon [2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings [2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan [2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software [2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium [2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0 [2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom [2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-11-14 12:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-11-21 09:03:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of 
report > [/log]
Psycholandia commented 21 November 2009 You did it wrong. Once more, step by step. This is what OTL looks like: http://img195.imageshack.us/img195/5658/beztytuulrs.png There is a box there (check the screenshot above) called [u][b]Custom Scans/Fixes[/b][/u]; paste the following text into that box: [code]:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()
:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017
:Commands
[emptytemp]
[start explorer]
[Reboot][/code] Then click [u][b]Run Fix[/b][/u]. It is written in red in the top left corner. The computer will restart, and a new log will be created after the restart.
aguska1 commented 22 November 2009 (Author) [quote name='Andziorka' date='21 listopad 2009 - 15:57 ' timestamp='1258815475' post='906150'] You did it wrong. Once more, step by step. This is what OTL looks like: http://img195.imageshack.us/img195/5658/beztytuulrs.png There is a box there (check the screenshot above) called [u][b]Custom Scans/Fixes[/b][/u]; paste the following text into that box: [code]:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()
:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017
:Commands
[emptytemp]
[start explorer]
[Reboot][/code] Then click [u][b]Run Fix[/b][/u]. It is written in red in the top left corner. The computer will restart, and a new log will be created after the restart. [/quote] I followed the instructions, and after the restart a Notepad window popped up, named 11222009_122056, with the following contents: [log]All processes killed Error: Unable to interpret <:Processesexplorer.exe:OTLO32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRunO33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ():FilesC:\FOUND.022C:\FOUND.021C:\FOUND.020C:\FOUND.019C:\FOUND.018C:\FOUND.017:Commands[emptytemp][start explorer][Reboot]> in the current context! OTL by OldTimer - Version 3.1.6.0 log created on 11222009_122056 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log]
aguska1 comment 22 November 2009 Author
[quote name='Andziorka' date='22 listopad 2009 - 12:29 ' timestamp='1258889345' post='906893'] Post a new log from OTL [/quote]
And where did it get saved?
aguska1 comment 22 November 2009 Author
So, here is the new log:
[log]
OTL logfile created on: 2009-11-22 12:49:12 - Run 3
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 463,76 Mb Available Physical Memory | 45,31% Memory free
2,40 Gb Paging File | 1,84 Gb Available in Paging File | 76,49% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,29 Gb Free Space | 37,34% Space Free | Partition Type: FAT32
Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS
Drive E: | 117,94 Gb Total Space | 6,61 Gb Free Space | 5,60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 163,03 Gb Total Space | 146,90 Gb Free Space | 90,11% Space Free | Partition Type: NTFS

Computer Name: ATDOM
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-09-22 17:11:32 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\spyware\Spyware Doctor\pctsTray.exe PRC - [2009-09-15 12:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashDisp.exe PRC - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe PRC - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) 
-- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-11 03:06:00 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) 
-- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe MOD - [2006-12-21 14:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB) SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe -- (avast! Antivirus) SRV - [2009-09-15 12:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashMaiSv.exe -- (avast! 
Mail Scanner) SRV - [2009-09-15 12:54:14 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) 
-- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-09-23 16:10:06 | 00,207,280 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2009-09-15 12:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-09-15 12:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-09-15 12:55:20 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-09-15 12:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-09-15 12:54:22 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-09-15 12:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) 
-- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data] IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/ IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/" FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M] [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com [2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- 
C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] 
C:\Program Files\Alwil Software\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [ISTray] C:\Program Files\spyware\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites) O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. 
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - 
Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-11-21 00:05:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IECompatCache [2009-11-20 23:46:20 | 00,000,000 | ---D | C] -- C:\_OTL [2009-11-20 23:37:24 | 00,229,304 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys 
[2009-11-20 23:37:20 | 00,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys [2009-11-20 23:37:19 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys [2009-11-20 23:37:13 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\PC Tools [2009-11-20 23:23:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes [2009-11-20 23:23:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-11-20 23:23:20 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-11-20 23:23:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-11-20 23:21:30 | 00,000,000 | ---D | C] -- C:\Program Files\malware [2009-11-20 22:36:38 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-20 22:36:38 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-11-20 22:36:38 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-11-20 22:36:38 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-11-20 22:36:38 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-20 22:36:38 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-11-20 22:36:38 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-20 22:36:38 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-11-20 22:36:23 | 
01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-11-20 22:31:02 | 00,000,000 | ---D | C] -- C:\Program Files\spyware [2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022 [2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021 [2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020 [2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019 [2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018 [2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster [2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie [2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla [2009-11-12 14:28:20 | 00,000,000 | ---D | C] -- C:\FOUND.017 [2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE [2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache [2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight 
[2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp [2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll [2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll [2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll [2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys [2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys [2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys [2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe [2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe 
[2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe [2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe [2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-11-22 12:23:26 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-11-22 12:22:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-22 12:22:24 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-11-22 12:22:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-22 12:21:36 | 06,029,312 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT [2009-11-22 12:21:12 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini [2009-11-22 12:18:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-22 12:18:06 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls [2009-11-22 11:18:14 | 03,196,014 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-21 00:03:44 | 00,000,122 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Fix.org [2009-11-20 23:49:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009-11-20 23:37:18 | 00,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk [2009-11-20 23:23:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-11-20 22:36:40 | 00,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-11-20 22:36:40 | 00,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! 
Antivirus.lnk [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe [2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini [2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe [2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk [2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe [2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-10-25 06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 
C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-21 00:03:42 | 00,000,122 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Fix.org [2009-11-20 23:49:32 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009-11-20 23:49:32 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009-11-20 23:37:24 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat [2009-11-20 23:37:20 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat [2009-11-20 23:37:20 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat [2009-11-20 23:37:17 | 00,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk [2009-11-20 23:37:13 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat [2009-11-20 23:23:24 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-11-20 22:36:38 | 00,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! 
Antivirus.lnk [2009-11-20 22:36:23 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx [2009-11-19 23:38:27 | 00,093,640 | ---- | C] () -- C:\Program Files\OTL1.Txt [2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe [2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc [2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log [2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [2009-01-24 14:37:15 | 00,003,399 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt [2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log [2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log [2009-01-20 
15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt [2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI [2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI [2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll [2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll [2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll [2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll [2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- 
C:\WINDOWS\System32\lnod32apiA.dll [2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll [2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll [2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll [2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2005-01-01 23:30:18 | 03,196,014 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini [2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini [2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane 
aplikacji\Teleca [2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom [2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} [2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software [2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca [2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu [2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit [2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon [2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings [2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan [2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software [2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium [2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0 [2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom [2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express [2009-11-14 12:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-11-22 12:22:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] < End of 
report > [/log]
Psycholandia commented 22 November 2009
http://www.forumpc.pl/index.php?showtopic=120614 Scan the computer with ComboFix and post the log.
aguska1 (Author) commented 22 November 2009
Here is the log from ComboFix:
[log]ComboFix 09-11-21.03 - admin 2009-11-22 13:06.3.1 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1023.593 [GMT 1:00] Uruchomiony z: c:\program files\combofix\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 091122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} * Utworzono nowy punkt przywracania . ((((((((((((((((((((((((( Pliki utworzone od 2009-10-22 do 2009-11-22 ))))))))))))))))))))))))))))))) . 2009-11-22 12:03 . 2009-11-22 12:03 -------- d-----w- c:\program files\combofix 2009-11-22 09:23 . 2009-11-22 09:23 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2009-11-22 09:23 . 2009-11-22 09:23 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google 2009-11-22 09:23 . 2009-11-22 09:23 -------- d-----r- c:\documents and settings\LocalService\Ulubione 2009-11-20 23:05 . 2009-11-20 23:05 -------- d-sh--w- c:\documents and settings\admin\IECompatCache 2009-11-20 22:46 . 2009-11-20 22:46 -------- d-----w- C:\_OTL 2009-11-20 22:37 . 2009-09-24 07:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-11-20 22:37 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-11-20 22:37 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-11-20 22:37 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\program files\Common Files\PC Tools 2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Tools 2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\PC Tools 2009-11-20 22:23 . 2009-11-20 22:23 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Malwarebytes 2009-11-20 22:23 . 
2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-20 22:23 . 2009-11-20 22:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2009-11-20 22:23 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-20 22:21 . 2009-11-20 22:21 -------- d-----w- c:\program files\malware 2009-11-20 21:36 . 2009-09-15 11:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-11-20 21:36 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-11-20 21:36 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-11-20 21:36 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-11-20 21:36 . 2009-09-15 11:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-20 21:36 . 2009-09-15 11:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-20 21:36 . 2009-09-15 11:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-11-20 21:36 . 2009-09-15 11:53 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-20 21:36 . 2009-09-15 11:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-20 21:31 . 2009-11-20 21:31 -------- d-----w- c:\program files\spyware 2009-11-19 22:35 . 2009-11-19 22:34 529408 ----a-w- c:\program files\OTL.exe 2009-11-19 22:21 . 2009-11-19 22:21 -------- d-----w- c:\program files\Realtek AC97 2009-11-19 22:21 . 2005-07-15 09:40 3640000 ------r- c:\windows\system32\drivers\alcxwdm.sys 2009-11-19 22:21 . 2005-07-12 07:55 81920 ------r- c:\windows\soundman.exe 2009-11-19 22:21 . 2005-05-18 05:38 40960 ------r- c:\windows\system32\ChCfg.exe 2009-11-19 22:21 . 2004-09-07 06:23 156672 ------r- c:\windows\system32\RtlCPAPI.dll 2009-11-19 22:21 . 2005-07-15 08:30 10457600 ------r- c:\windows\system32\RTLCPL.exe 2009-11-19 22:21 . 2005-06-02 08:31 294912 ------r- c:\windows\alcupd.exe 2009-11-19 22:21 . 2005-06-02 08:43 200704 ------r- c:\windows\alcrmv.exe 2009-11-19 22:18 . 
2009-11-19 22:18 -------- d-----w- C:\FOUND.022 2009-11-19 21:36 . 2009-11-19 21:35 395776 ----a-w- c:\windows\system32\CF21274.exe 2009-11-19 21:16 . 2009-11-19 21:16 -------- d-----w- C:\FOUND.021 2009-11-19 17:06 . 2009-11-19 17:06 -------- d-----w- C:\FOUND.020 2009-11-18 21:06 . 2009-11-18 21:06 -------- d-----w- C:\FOUND.019 2009-11-18 08:28 . 2009-11-18 08:28 -------- d-----w- C:\FOUND.018 2009-11-14 12:14 . 2009-11-19 14:43 138504 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-11-14 11:45 . 2009-11-19 14:43 363584 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\cgamex86.dll 2009-11-14 11:45 . 2009-11-19 11:10 461888 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\qagamex86.dll 2009-11-14 11:45 . 2009-11-14 11:45 -------- d-----w- c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster 2009-11-14 11:45 . 2009-11-19 14:43 179264 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\uix86.dll 2009-11-14 11:45 . 2009-11-19 14:43 57344 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\pb\pbag.dll 2009-11-14 11:45 . 2009-11-19 14:43 887856 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\pb\pbcl.dll 2009-11-14 11:45 . 2009-11-19 14:43 2628672 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\quakelive.dll 2009-11-14 11:22 . 2009-11-14 11:22 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\id Software 2009-11-14 11:11 . 2009-11-14 11:11 0 ----a-w- c:\windows\nsreg.dat 2009-11-14 11:11 . 2009-11-14 11:11 -------- d-----w- c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla 2009-11-12 13:28 . 2009-11-12 13:28 -------- d-----w- C:\FOUND.017 2009-11-01 11:43 . 2009-11-01 11:43 -------- d--h--w- c:\windows\ie8 2009-11-01 11:43 . 
2009-11-01 11:43 -------- d-----w- c:\windows\system32\pl-PL 2009-11-01 09:11 . 2009-11-19 14:43 214488 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-11-01 09:11 . 2009-11-14 11:22 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-11-01 09:11 . 2009-11-14 11:22 2373712 ----a-w- c:\windows\system32\pbsvc.exe 2009-11-01 09:11 . 2009-11-01 09:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\id Software 2009-11-01 08:54 . 2009-11-01 08:54 -------- d-sh--w- c:\documents and settings\admin\PrivacIE 2009-11-01 08:50 . 2009-11-01 08:50 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-11-01 08:49 . 2009-11-01 08:49 -------- d-sh--w- c:\documents and settings\admin\IETldCache 2009-11-01 08:47 . 2009-11-01 08:47 -------- d-----w- c:\windows\ie8updates 2009-11-01 08:46 . 2009-11-01 08:46 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-01 08:46 . 2009-11-01 08:46 -------- d--h--w- c:\windows\msdownld.tmp 2009-11-01 08:43 . 2009-10-02 04:44 92160 ------w- c:\windows\system32\dllcache\iecompat.dll 2009-11-01 08:43 . 2009-08-29 07:58 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-11-01 08:43 . 2009-08-29 07:58 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2009-11-01 08:43 . 2009-08-29 07:58 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2009-11-01 08:43 . 2009-08-29 07:58 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2009-11-01 08:43 . 2009-08-29 07:58 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-11-01 08:43 . 2009-08-29 07:58 11069440 ------w- c:\windows\system32\dllcache\ieframe.dll 2009-10-31 18:25 . 2009-10-31 18:25 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Image Zone Express 2009-10-30 13:21 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-10-30 13:21 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-10-30 13:21 . 
2001-10-26 15:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2009-10-30 13:21 . 2001-10-26 15:57 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys 2009-10-30 13:20 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-10-30 13:20 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys 2009-10-26 18:46 . 2009-10-26 18:46 17037680 ----a-w- c:\program files\IE8-WindowsXP-x86-PLK.exe . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-22 11:50 . 2009-11-22 11:50 94562 ----a-w- c:\program files\OTL.Txt 2009-11-21 11:27 . 2009-11-19 22:38 93640 ----a-w- c:\program files\OTL1.Txt 2009-10-17 22:18 . 2009-10-17 22:18 -------- d-----w- c:\program files\Conduit 2009-09-07 11:32 . 2009-09-07 11:32 16205198 ----a-w- c:\program files\PhotoScapeSetup_V3.4[www.instalki.pl].exe 2009-08-29 07:58 . 2004-08-03 22:44 916480 ------w- c:\windows\system32\wininet.dll 2009-05-26 22:31 . 2009-05-26 22:31 42911720 ----a-w- c:\program files\stellarium-0.10.2.exe 2009-02-13 20:43 . 2009-02-13 20:43 579724 ----a-w- c:\program files\klawiaturka.exe 2009-01-21 19:17 . 2009-01-21 19:17 7966 ----a-w- c:\program files\startuplist.txt 2009-01-21 19:12 . 2009-01-21 18:53 8519 ----a-w- c:\program files\hijackthis.log 2009-01-21 18:51 . 2009-01-21 18:52 401720 ----a-w- c:\program files\HiJackThis.exe 2008-11-12 19:56 . 2008-11-12 19:56 1984790 ----a-w- c:\program files\fssetup.exe 2008-07-18 15:36 . 2008-07-18 15:36 18337936 ----a-w- c:\program files\sdstart.exe 2006-07-28 07:32 . 2008-12-06 12:10 7005 ----a-w- c:\program files\Eula.txt . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-06 68856] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 139264] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-17 4624384] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-11-17 86016] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-06 155648] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "avast!"="c:\progra~1\ALWILS~1\ashDisp.exe" [2009-09-15 81000] "ISTray"="c:\program files\spyware\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-11-17 921600] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624] 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Quake III Arena\\quake3.exe"= "c:\\Program Files\\Nero\\Nero Sipps\\Phone.exe"= "c:\\Program Files\\Gadu-Gadu\\GG.EXE"= "e:\\MEDALOF HONOR\\mohpa.exe"= "d:\\eMule\\emule.exe"= "c:\\WINDOWS\\System32\\PnkBstrA.exe"= "c:\\WINDOWS\\System32\\PnkBstrB.exe"= "g:\\Fire fox\\firefox.exe"= "c:\\Documents and Settings\\admin\\Pulpit\\ArcaMicroScan\\ArcaMicroScan.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "8461:TCP"= 8461:TCP:GoD High Port "8462:TCP"= 8462:TCP:GoD Low Port R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-20 207280] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-20 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-20 20560] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt --> c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [?] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://poczta.interia.pl/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&ksport do programu Microsoft Excel - d:\micros~1\OFFICE11\OFFICE11\EXCEL.EXE/3000 Trusted Zone: com.pl\mks DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} - hxxp://slimak.onet.pl/_m/wirusy/ArcaOnline.cab FF - ProfilePath - c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\ FF - prefs.js: browser.startup.homepage - hxxp://poczta.interia.pl/ ---- FIREFOX - SPOSÓB POSTĘPOWANIA ---- g:\fire fox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . 
************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-22 13:11 Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\EverestDriver] "ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\iexplore] @DACL=(02 0000) "Type"=dword:00000003 "Count"=dword:00000027 "Time"=hex:d8,07,07,00,05,00,12,00,0e,00,24,00,37,00,03,02 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\ProgID] @DACL=(02 0000) @="CntntCntr.CntntDic.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\TypeLib] @DACL=(02 0000) @="{148E1447-C728-48FD-BEEC-A7D06C5FFF58}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\VersionIndependentProgID] @DACL=(02 0000) @="CntntCntr.CntntDic" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Control] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Implemented Categories] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance] @DACL=(02 0000) "CLSID"="{4D5C8C2A-D075-11D0-B416-00C04FB90376}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\MiscStatus] @DACL=(02 
0000) @="0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ProgID] @DACL=(02 0000) @="HBMain.CommBand.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ToolboxBitmap32] @DACL=(02 0000) @="c:\\Program Files\\Zango\\bin\\10.3.70.0\\HostIE.dll, 507" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\TypeLib] @DACL=(02 0000) @="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Version] @DACL=(02 0000) @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\VersionIndependentProgID] @DACL=(02 0000) @="HBMain.CommBand" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\ProgID] @DACL=(02 0000) @="HbCoreSrv.DynamicProp.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\TypeLib] @DACL=(02 0000) @="{60F63095-41EC-11D5-B558-00D0B77F0A6D}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\VersionIndependentProgID] @DACL=(02 0000) @="HbCoreSrv.DynamicProp" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\InprocServer32] @DACL=(02 0000) @="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\ProgID] @DACL=(02 0000) @="ZangoAX.UserProfiles.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\TypeLib] @DACL=(02 0000) @="{89085678-632D-4deb-BDA0-CD912C63203E}" 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\VersionIndependentProgID] @DACL=(02 0000) @="ZangoAX.UserProfiles" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Control] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\MiscStatus] @DACL=(02 0000) @="0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\ProgID] @DACL=(02 0000) @="Toolbar.ToolbarCtl.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\TypeLib] @DACL=(02 0000) @="{C62A9E79-2B52-439B-AF57-2E60BB06E86C}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Version] @DACL=(02 0000) @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\VersionIndependentProgID] @DACL=(02 0000) @="Toolbar.ToolbarCtl" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\ProgID] @DACL=(02 0000) @="Wallpaper.WallpaperManager.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\TypeLib] @DACL=(02 0000) @="{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\VersionIndependentProgID] @DACL=(02 0000) @="Wallpaper.WallpaperManager" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\ProgID] @DACL=(02 0000) @="Srv.CoreServices.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\TypeLib] @DACL=(02 0000) @="{03D7FF6E-9781-40B5-BB7F-94291A361604}" 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\VersionIndependentProgID] @DACL=(02 0000) @="Srv.CoreServices" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\ProgID] @DACL=(02 0000) @="hbr.HbMain.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\TypeLib] @DACL=(02 0000) @="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\VersionIndependentProgID] @DACL=(02 0000) @="hbr.HbMain" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\ProgID] @DACL=(02 0000) @="CoreSrv.CoreServices.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\TypeLib] @DACL=(02 0000) @="{0729F461-8054-47DC-8D39-A31B61CC0119}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\VersionIndependentProgID] @DACL=(02 0000) @="CoreSrv.CoreServices" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\InprocServer32] @DACL=(02 0000) @="c:\\Program Files\\Zango\\bin\\10.3.70.0\\HostIE.dll" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ProgID] @DACL=(02 0000) @="HostIE.Bho.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\TypeLib] @DACL=(02 0000) @="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\VersionIndependentProgID] @DACL=(02 0000) @="HostIE.Bho" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\LocalServer32] @DACL=(02 0000) @="\"c:\\Program Files\\Zango\\bin\\10.3.70.0\\Weather.exe\"" 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\ProgID] @DACL=(02 0000) @="WeatherDPA.WeatherController.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\TypeLib] @DACL=(02 0000) @="{A56FE01C-77C4-4F5E-8198-E4B72207890A}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\VersionIndependentProgID] @DACL=(02 0000) @="WeatherDPA.WeatherController" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\Control] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\ProgID] @DACL=(02 0000) @="HostOL.MailAnim.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\TypeLib] @DACL=(02 0000) @="{8292078F-F6E9-412B-8EB1-360C05C5ECE5}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\VersionIndependentProgID] @DACL=(02 0000) @="HostOL.MailAnim" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\ProgID] @DACL=(02 0000) @="CntntCntr.CntntDisp.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\TypeLib] @DACL=(02 0000) @="{148E1447-C728-48FD-BEEC-A7D06C5FFF58}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\VersionIndependentProgID] @DACL=(02 0000) @="CntntCntr.CntntDisp" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\ProgID] @DACL=(02 0000) @="HostOL.WebmailSend.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\Programmable] @DACL=(02 0000) 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\TypeLib] @DACL=(02 0000) @="{8292078F-F6E9-412B-8EB1-360C05C5ECE5}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\VersionIndependentProgID] @DACL=(02 0000) @="HostOL.WebmailSend" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Control] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\InprocServer32] @DACL=(02 0000) @="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\MiscStatus] @DACL=(02 0000) @="0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\ProgID] @DACL=(02 0000) @="ZangoAX.ClientDetector.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\ToolboxBitmap32] @DACL=(02 0000) @="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll, 101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\TypeLib] @DACL=(02 0000) @="{89085678-632D-4deb-BDA0-CD912C63203E}" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Version] @DACL=(02 0000) @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\VersionIndependentProgID] @DACL=(02 0000) @="ZangoAX.ClientDetector" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\ProgID] @DACL=(02 0000) @="Toolbar.HtmlMenuUI.1" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\Programmable] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\TypeLib] @DACL=(02 0000) @="{C62A9E79-2B52-439B-AF57-2E60BB06E86C}" 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\VersionIndependentProgID] @DACL=(02 0000) @="Toolbar.HtmlMenuUI" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(2192) c:\windows\system32\WININET.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Czas ukończenia: 2009-11-22 13:13 ComboFix-quarantined-files.txt 2009-11-22 12:13 ComboFix2.txt 2009-04-19 23:02 Przed: 7 748 386 816 bajtów wolnych Po: 7 917 273 088 bajtów wolnych - - End Of File - - 9A72032AE167B5BB16A3DF7777703A9D [/log]
Psycholandia comment 22 November 2009
1. Paste into Notepad:
[code]File::
C:\FOUND.022
c:\windows\system32\CF21274.exe
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017[/code]
Save the file as [b]CFScript.txt[/b].
Drag it and drop it onto the [b]ComboFix[/b] icon.
Post the resulting log after the removal.