No sound

aguska1
created (edited)

Today the sound on my computer suddenly disappeared. Please check my ComboFix log.

[log]http://www.wklej.org/id/210573/[/log]

Psycholandia
comment

[color="#FF0000"][quote]1. To generate a log, use OTListIt2 or Random's System Information Tool. It is also worth posting a log from GMER or DDS. Do not post logs from HiJackThis or Silent Runners.
2. Do not use ComboFix unnecessarily (unless you are explicitly told to). It is a powerful, hard-hitting tool, and used improperly it can have unexpected consequences.[/quote][/color]
Post an OTL log: http://www.forumpc.pl/index.php?showtopic=104338

Gość
comment

Please give your hardware configuration.

darexD
comment

Maybe the drivers?? Older ones... give your config... have you installed anything recently?

Psycholandia
comment

[size="4"][color="#FF0000"]And have you read this: http://www.forumpc.pl/index.php?showtopic=134231 ?[/color][/size]

aguska1
comment (edited)

Computer:
Operating system: Microsoft Windows XP Professional
OS service pack: Service Pack 2
DirectX: 4.09.00.0904 (DirectX 9.0c)
Computer name: ATDOM
User name: admin

Motherboard:
CPU type: AMD Athlon 64, 2200 MHz (11 x 200) 3500+
Motherboard name: Unknown
Motherboard chipset: nVIDIA nForce4, AMD Hammer
Physical memory: 1024 MB (PC3200 DDR SDRAM)
BIOS type: Award (09/13/05)
Communication port: Communication Port (COM1)
Communication port: ECP Printer Port (LPT1)

Display:
Video adapter: GeForce 6800 GT (256 MB)
Video adapter: NVIDIA GeForce 6800 Series GPU (256 MB)
3D accelerator: nVIDIA GeForce 6800 PCI-E Series
Monitor: Plug and Play Monitor [NoDB] (HMEYC02851)

Multimedia:
Audio adapter: nVIDIA MCP04 - Audio Codec Interface

Yes, 2 weeks ago the power supply was replaced with a 400 W HiPro and an additional Seagate 500 GB SATA hard drive was added; then about 3 days later "quek" or something like that (an online game), Firefox and MSN were installed. After scanning with avast! I removed 6 pieces of malware, and when I wanted to run an additional scan with ArcaBit, the sound disappeared halfway through the scan. Oh, and on top of that I have this problem: after I shut the computer down, it turned itself back on.

Psycholandia
comment

Post the OTL logs.

aguska1
comment

[log]OTL logfile created on: 2009-11-19 23:38:00 - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 562,84 Mb Available Physical Memory | 54,99% Memory free
2,40 Gb Paging File | 1,92 Gb Available in Paging File | 79,97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,53 Gb Free Space | 38,56% Space Free | Partition Type: FAT32
Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS
Drive E: | 117,94 Gb Total Space | 6,62 Gb Free Space | 5,61% Space Free | Partition Type: NTFS
Drive F: | 687,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 163,03 Gb Total Space | 151,07 Gb Free Space | 92,67% Space Free | Partition Type: NTFS

Computer Name: ATDOM
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-08-17 18:07:24 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-08-17 18:07:18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-08-17 17:58:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-05-06 11:28:50 | 01,800,048 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\Update.exe
PRC - [2008-04-17 14:19:02 | 01,017,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2008-04-10 15:14:30 | 01,107,848 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2008-04-10 15:14:26 | 00,337,800 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2006-12-21 14:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-08-17 18:07:18 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-08-17 18:07:02 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-08-17 18:04:22 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-08-17 17:58:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008-04-17 14:19:02 | 01,017,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2008-04-10 15:14:26 | 00,337,800 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-08-17 18:06:44 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-08-17 18:05:38 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-08-17 18:04:30 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-08-17 18:03:22 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008-02-01 11:55:52 | 00,042,376 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2007-12-10 13:53:28 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2007-12-10 13:53:28 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt)
DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M]

[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites)
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:21:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022
[2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021
[2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020
[2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019
[2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018
[2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie
[2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla
[2009-11-12 14:28:20 | 00,000,000 | ---D | C] -- C:\FOUND.017
[2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE
[2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache
[2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe
[2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe
[2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe
[2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe
[2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe
[2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-19 23:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-19 23:19:14 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-19 23:18:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-19 23:17:18 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2009-11-19 23:16:54 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe
[2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-19 10:23:40 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-19 10:23:40 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls
[2009-11-18 20:14:54 | 03,181,836 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk
[2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-10-25 06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009-10-21 22:26:24 | 00,000,010 | ---- | M] () -- C:\Documents and Settings\admin\USB001
[2009-10-21 22:21:14 | 00,424,813 | ---- | M] () -- C:\WINDOWS\System32\ags
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe
[2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-10-21 22:21:11 | 00,424,813 | ---- | C] () -- C:\WINDOWS\System32\ags
[2009-10-21 21:34:52 | 00,000,010 | ---- | C] () -- C:\Documents and Settings\admin\USB001
[2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009-01-24 14:37:15 | 00,003,399 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt
[2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log
[2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log
[2009-01-20 15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI
[2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll
[2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2005-01-01 23:30:18 | 03,181,836 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom
[2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca
[2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit
[2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon
[2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings
[2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan
[2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software
[2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium
[2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0
[2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom
[2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-11-14 12:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-11-19 23:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia
comment

Paste the script below into the OTL window and click Run Fix:

[code]:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()

:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]


Open Notepad and paste the following text into it:
[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Save as -> choose [b]All files[/b] -> enter [b]Fix.reg[/b] -> then click the saved file and restart the computer.


Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware).

aguska1
comment

Please write out what to do and how, step by step, as for someone who knows nothing, because I don't know whether I should paste the script into OTL below the log that was generated or replace the log with the script, and where is this Run Fix?

Psycholandia
comment

http://img195.imageshack.us/img195/5658/beztytuulrs.png
Into the [u][b]Custom Scans/Fixes[/b][/u] box you paste:
[code]:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()

:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Then click Run Fix. It is written in red in the top left corner. The computer will restart and a new log will be created after the restart.

aguska1
comment

This is what popped up after the restart:
[log]All processes killed
Error: Unable to interpret <:Processesexplorer.exe:OTLO32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRunO33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ():FilesC:\FOUND.022C:\FOUND.021C:\FOUND.020C:\FOUND.019C:\FOUND.018C:\FOUND.017:Commands[emptytemp][start explorer][Reboot]> in the current context!

OTL by OldTimer - Version 3.1.6.0 log created on 11202009_235039

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]

Maybe I did something wrong :((

Psycholandia
comment

Post a new log from OTL.

aguska1
comment

New log:
[log]OTL logfile created on: 2009-11-21 12:26:06 - Run 2
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 574,15 Mb Available Physical Memory | 56,10% Memory free
2,40 Gb Paging File | 1,96 Gb Available in Paging File | 81,51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,33 Gb Free Space | 37,53% Space Free | Partition Type: FAT32
Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS
Drive E: | 117,94 Gb Total Space | 6,61 Gb Free Space | 5,60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 163,03 Gb Total Space | 146,90 Gb Free Space | 90,11% Space Free | Partition Type: NTFS

Computer Name: ATDOM
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-09-22 17:11:32 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\spyware\Spyware Doctor\pctsTray.exe
PRC - [2009-09-15 12:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashDisp.exe
PRC - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe
PRC - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe
PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe -- (avast! Antivirus)
SRV - [2009-09-15 12:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-09-15 12:54:14 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-09-23 16:10:06 | 00,207,280 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009-09-15 12:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:20 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 12:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 12:54:22 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-09-15 12:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M]

[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\spyware\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites)
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-21 00:05:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IECompatCache
[2009-11-20 23:46:20 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-11-20 23:37:24 | 00,229,304 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009-11-20 23:37:20 | 00,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009-11-20 23:37:19 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009-11-20 23:37:13 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\PC Tools
[2009-11-20 23:23:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2009-11-20 23:23:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-11-20 23:23:20 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-11-20 23:23:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-11-20 23:21:30 | 00,000,000 | ---D | C] -- C:\Program Files\malware
[2009-11-20 22:36:38 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009-11-20 22:36:38 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009-11-20 22:36:38 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009-11-20 22:36:38 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009-11-20 22:36:38 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009-11-20 22:36:38 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009-11-20 22:36:38 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009-11-20 22:36:38 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009-11-20 22:36:23 | 01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009-11-20 22:31:02 | 00,000,000 | ---D | C] -- C:\Program Files\spyware
[2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022
[2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021
[2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020
[2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019
[2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018
[2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie
[2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla
[2009-11-12 14:28:20 | 00,000,000 | ---D | C] -- C:\FOUND.017
[2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE
[2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache
[2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe
[2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe
[2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe
[2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe
[2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe
[2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-21 12:04:00 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-21 12:04:00 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls
[2009-11-21 09:03:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-21 09:03:30 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-21 09:03:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-21 00:09:02 | 06,029,312 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2009-11-21 00:08:42 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2009-11-21 00:03:44 | 00,000,122 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Fix.org
[2009-11-20 23:49:34 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009-11-20 23:49:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009-11-20 23:37:18 | 00,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk
[2009-11-20 23:23:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-20 22:36:40 | 00,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-11-20 22:36:40 | 00,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-11-20 19:57:40 | 02,109,648 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe
[2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk
[2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-10-25 06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-21 00:03:42 | 00,000,122 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Fix.org
[2009-11-20 23:49:32 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009-11-20 23:49:32 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009-11-20 23:37:24 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2009-11-20 23:37:20 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2009-11-20 23:37:20 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2009-11-20 23:37:17 | 00,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk
[2009-11-20 23:37:13 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009-11-20 23:23:24 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-20 22:36:38 | 00,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-11-20 22:36:23 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009-11-19 23:38:27 | 00,089,010 | ---- | C] () -- C:\Program Files\OTL.Txt
[2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe
[2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009-01-24 14:37:15 | 00,003,399 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt
[2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log
[2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log
[2009-01-20 15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI
[2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll
[2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2005-01-01 23:30:18 | 02,109,648 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom
[2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca
[2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit
[2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon
[2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings
[2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan
[2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software
[2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium
[2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0
[2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom
[2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-11-14 12:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-11-21 09:03:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia
comment

You did it wrong.
Once more, step by step.
This is what OTL looks like: http://img195.imageshack.us/img195/5658/beztytuulrs.png
There is a box there (check it in the image above), [u][b]Custom Scans/Fixes[/b][/u]; paste the text below into that box:
[code]:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()

:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Then click [u][b]Run Fix[/b][/u]. It is written in red in the top-left corner. The computer will restart, and a new log will be created after the restart.

aguska1
comment

[quote name='Andziorka' date='21 listopad 2009 - 15:57 ' timestamp='1258815475' post='906150']
You did it wrong.
Once more, step by step.
This is what OTL looks like: http://img195.imageshack.us/img195/5658/beztytuulrs.png
There is a box there (check it in the image above), [u][b]Custom Scans/Fixes[/b][/u]; paste the text below into that box:
[code]:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()

:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Then click [u][b]Run Fix[/b][/u]. It is written in red in the top-left corner. The computer will restart, and a new log will be created after the restart.
[/quote]

I followed the instructions, and after the restart a Notepad window popped up, named 11222009_122056, with the following content:
[log]All processes killed
Error: Unable to interpret <:Processesexplorer.exe:OTLO32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRunO33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ():FilesC:\FOUND.022C:\FOUND.021C:\FOUND.020C:\FOUND.019C:\FOUND.018C:\FOUND.017:Commands[emptytemp][start explorer][Reboot]> in the current context!

OTL by OldTimer - Version 3.1.6.0 log created on 11222009_122056

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]
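What the fix log above records, as an added example (not part of the original posts and not OTL's own code): the string OTL could not interpret is the posted script with every line break removed, and both "on Reboot" sections are empty, so nothing was applied. The function names are hypothetical; the script and log are copied from this thread, and the code relies only on the message wording and section titles visible in it.

```python
import re

# Fix script as posted in the thread: one directive per line.
FIX_SCRIPT = r''':Processes
explorer.exe

:OTL
O32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ()

:Files
C:\FOUND.022
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017

:Commands
[emptytemp]
[start explorer]
[Reboot]'''

# Fix log the user got back after the reboot, as posted in the thread.
FIX_LOG = r'''All processes killed
Error: Unable to interpret <:Processesexplorer.exe:OTLO32 - AutoRun File - [2004-05-06 16:06:08 | 00,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]O33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell - "" = AutoRunO33 - MountPoints2\{5f628b82-c558-11de-b982-806d6172696f}\Shell\AutoRun\command - "" = F:\ASUSACPI.exe -- [2004-09-23 11:03:06 | 00,024,576 | R--- | M] ():FilesC:\FOUND.022C:\FOUND.021C:\FOUND.020C:\FOUND.019C:\FOUND.018C:\FOUND.017:Commands[emptytemp][start explorer][Reboot]> in the current context!

OTL by OldTimer - Version 3.1.6.0 log created on 11222009_122056

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
'''

ERROR_RE = re.compile(
    r'^Error: Unable to interpret <(.*)> in the current context!\s*$', re.M)
SECTION_RE = re.compile(
    r'^(Files\\Folders moved on Reboot|Registry entries deleted on Reboot)\.\.\.\s*$')
# Section headers used by the script in this thread.
HEADER_RE = re.compile(r':(?:Processes|OTL|Files|Commands)')


def uninterpreted_payloads(log):
    """Return every string the fix log says could not be interpreted."""
    return ERROR_RE.findall(log)


def reboot_actions(log):
    """Map each 'on Reboot' section title to the entries listed under it."""
    actions, current = {}, None
    for line in log.splitlines():
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            actions[current] = []
        elif current and line.strip():
            actions[current].append(line.strip())
    return actions


def collapse(script):
    """The script as it looks once all line breaks are stripped."""
    return ''.join(line.strip() for line in script.splitlines())


def fused_headers(text):
    """Section headers that do not start a line, i.e. run into prior text."""
    return [m.group(0) for m in HEADER_RE.finditer(text)
            if m.start() > 0 and text[m.start() - 1] != '\n']


def diagnose(log, script):
    """Return (verdict, number of entries the log says were acted on)."""
    payloads = uninterpreted_payloads(log)
    applied = sum(len(v) for v in reboot_actions(log).values())
    if not payloads:
        return 'no interpreter error', applied
    if collapse(script) in payloads:
        return 'line breaks lost', applied
    return 'script rejected for another reason', applied


if __name__ == '__main__':
    print(diagnose(FIX_LOG, FIX_SCRIPT))
    print(fused_headers(uninterpreted_payloads(FIX_LOG)[0]))
```
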

Psycholandia
comment

Post a new log from OTL

aguska1
comment

[quote name='Andziorka' date='22 listopad 2009 - 12:29 ' timestamp='1258889345' post='906893']
Post a new log from OTL
[/quote]

And where was it saved?

Psycholandia
comment

Run OTL and generate a new one

aguska1
comment

Using Run Scan?

Psycholandia
comment

Yes

aguska1
comment

So here is the new log:
[log]OTL logfile created on: 2009-11-22 12:49:12 - Run 3
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 463,76 Mb Available Physical Memory | 45,31% Memory free
2,40 Gb Paging File | 1,84 Gb Available in Paging File | 76,49% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 7,29 Gb Free Space | 37,34% Space Free | Partition Type: FAT32
Drive D: | 48,83 Gb Total Space | 1,31 Gb Free Space | 2,68% Space Free | Partition Type: NTFS
Drive E: | 117,94 Gb Total Space | 6,61 Gb Free Space | 5,60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 156,25 Gb Total Space | 156,14 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 146,48 Gb Total Space | 146,42 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 163,03 Gb Total Space | 146,90 Gb Free Space | 90,11% Space Free | Partition Type: NTFS

Computer Name: ATDOM
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-09-22 17:11:32 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\spyware\Spyware Doctor\pctsTray.exe
PRC - [2009-09-15 12:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashDisp.exe
PRC - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe
PRC - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe
PRC - [2009-04-08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2008-08-04 00:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2008-05-06 21:56:44 | 00,155,648 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2008-05-06 19:42:00 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2008-02-22 04:25:22 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008-02-22 04:25:20 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
PRC - [2007-06-13 15:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-11 03:06:00 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007-05-08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-07-31 11:45:10 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-07-31 11:42:58 | 00,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004-10-13 18:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2006-12-21 14:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2006-08-25 17:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-04 00:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-09-15 12:56:44 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashServ.exe -- (avast! Antivirus)
SRV - [2009-09-15 12:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-09-15 12:54:14 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-09-15 12:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-04-29 23:58:14 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009-04-08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2006-07-31 13:18:10 | 00,720,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-03-30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-11-17 10:09:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-09-23 16:10:06 | 00,207,280 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009-09-15 12:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:20 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 12:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 12:54:22 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-09-15 12:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2007-11-13 12:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005-07-15 10:40:36 | 03,640,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005-05-17 10:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005-04-05 20:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-03-09 15:53:00 | 00,043,008 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-11-17 10:09:00 | 02,837,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-19 04:50:00 | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://poczta.interia.pl/
IE - HKU\S-1-5-21-776561741-1336601894-839522115-1003\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://poczta.interia.pl/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: G:\Fire fox\components [2009-11-14 12:11:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: G:\Fire fox\plugins [2009-11-14 12:11:44 | 00,000,000 | ---D | M]

[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-10 18:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com
[2009-11-14 12:12:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\spyware\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-776561741-1336601894-839522115-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-776561741-1336601894-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\MICROS~1\OFFICE11\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: com.pl ([mks] https in Trusted sites)
O15 - HKU\S-1-5-21-776561741-1336601894-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-01-01 15:06:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-21 00:05:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IECompatCache
[2009-11-20 23:46:20 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-11-20 23:37:24 | 00,229,304 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009-11-20 23:37:20 | 00,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009-11-20 23:37:19 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009-11-20 23:37:13 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2009-11-20 23:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\PC Tools
[2009-11-20 23:23:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Malwarebytes
[2009-11-20 23:23:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-11-20 23:23:20 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-11-20 23:23:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-11-20 23:21:30 | 00,000,000 | ---D | C] -- C:\Program Files\malware
[2009-11-20 22:36:38 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009-11-20 22:36:38 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009-11-20 22:36:38 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009-11-20 22:36:38 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009-11-20 22:36:38 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009-11-20 22:36:38 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009-11-20 22:36:38 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009-11-20 22:36:38 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009-11-20 22:36:23 | 01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009-11-20 22:31:02 | 00,000,000 | ---D | C] -- C:\Program Files\spyware
[2009-11-19 23:35:43 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2009-11-19 23:18:52 | 00,000,000 | -HSD | C] -- C:\FOUND.022
[2009-11-19 22:36:36 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 22:16:50 | 00,000,000 | ---D | C] -- C:\FOUND.021
[2009-11-19 18:06:10 | 00,000,000 | ---D | C] -- C:\FOUND.020
[2009-11-18 22:06:18 | 00,000,000 | ---D | C] -- C:\FOUND.019
[2009-11-18 09:28:38 | 00,000,000 | ---D | C] -- C:\FOUND.018
[2009-11-14 12:45:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2009-11-14 12:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2009-11-14 12:17:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Pobieranie
[2009-11-14 12:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla
[2009-11-12 14:28:20 | 00,000,000 | ---D | C] -- C:\FOUND.017
[2009-11-01 12:43:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009-11-01 12:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2009-11-01 10:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2009-11-01 09:54:06 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE
[2009-11-01 09:49:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache
[2009-11-01 09:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009-11-01 09:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009-11-01 09:47:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009-11-01 09:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009-11-01 09:46:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009-11-01 09:43:39 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009-11-01 09:43:33 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009-11-01 09:43:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009-11-01 09:43:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009-11-01 09:43:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009-11-01 09:43:32 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009-11-01 09:43:31 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009-10-31 19:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009-10-30 14:21:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009-10-30 14:21:00 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009-10-30 14:20:54 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009-10-26 19:46:08 | 17,037,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-09-07 12:32:03 | 16,205,198 | ---- | C] (Mooii) -- C:\Program Files\PhotoScapeSetup_V3.4[www.instalki.pl].exe
[2009-05-26 23:31:21 | 42,911,720 | ---- | C] ( ) -- C:\Program Files\stellarium-0.10.2.exe
[2009-02-13 21:43:41 | 00,579,724 | ---- | C] (DELiX ) -- C:\Program Files\klawiaturka.exe
[2009-01-21 19:52:44 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe
[2008-11-12 20:56:31 | 01,984,790 | ---- | C] (DeVision Comp ) -- C:\Program Files\fssetup.exe
[2008-07-18 16:36:36 | 18,337,936 | ---- | C] (PC Tools ) -- C:\Program Files\sdstart.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-22 12:23:26 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009-11-22 12:22:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-22 12:22:24 | 00,017,146 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-22 12:22:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-22 12:21:36 | 06,029,312 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT
[2009-11-22 12:21:12 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini
[2009-11-22 12:18:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-22 12:18:06 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\admin\default.pls
[2009-11-22 11:18:14 | 03,196,014 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-21 00:03:44 | 00,000,122 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Fix.org
[2009-11-20 23:49:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009-11-20 23:37:18 | 00,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk
[2009-11-20 23:23:26 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-20 22:36:40 | 00,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-11-20 22:36:40 | 00,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-11-19 23:34:22 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2009-11-19 23:20:44 | 00,005,896 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-19 22:42:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-19 22:37:14 | 03,567,301 | R--- | M] () -- C:\Program Files\ComboFix.exe
[2009-11-19 22:35:44 | 00,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF21274.exe
[2009-11-19 15:43:28 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-19 15:43:14 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-17 10:07:18 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-14 12:22:40 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-14 12:22:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-14 12:11:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:48 | 00,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-14 01:47:58 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009-11-09 11:17:06 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-01 12:44:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-10-31 21:04:20 | 00,000,429 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ArcaMicroScan.lnk
[2009-10-27 14:48:30 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-10-26 19:46:10 | 17,037,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-PLK.exe
[2009-10-25 09:22:00 | 00,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-10-25 06:11:36 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-21 00:03:42 | 00,000,122 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Fix.org
[2009-11-20 23:49:32 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009-11-20 23:49:32 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009-11-20 23:37:24 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2009-11-20 23:37:20 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2009-11-20 23:37:20 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2009-11-20 23:37:17 | 00,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk
[2009-11-20 23:37:13 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009-11-20 23:23:24 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-20 22:36:38 | 00,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-11-20 22:36:23 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009-11-19 23:38:27 | 00,093,640 | ---- | C] () -- C:\Program Files\OTL1.Txt
[2009-11-19 23:21:44 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009-11-19 23:21:44 | 00,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-11-19 23:21:41 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2009-11-19 22:38:30 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009-11-19 22:38:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009-11-19 22:36:43 | 03,567,301 | R--- | C] () -- C:\Program Files\ComboFix.exe
[2009-11-14 13:14:36 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-14 13:14:23 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009-11-14 12:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-11-14 12:11:46 | 00,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-11-01 10:11:46 | 00,214,488 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-01 10:11:44 | 02,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009-11-01 10:11:44 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-10-27 14:48:28 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CV.doc
[2009-02-19 16:42:20 | 00,091,023 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2009-02-19 16:42:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009-01-24 14:37:15 | 00,003,399 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009-01-21 20:17:44 | 00,007,966 | ---- | C] () -- C:\Program Files\startuplist.txt
[2009-01-21 19:53:03 | 00,008,519 | ---- | C] () -- C:\Program Files\hijackthis.log
[2009-01-20 15:39:47 | 00,082,053 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log
[2009-01-20 15:39:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2008-12-06 13:10:21 | 00,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2008-08-21 21:41:21 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008-07-20 15:38:42 | 00,000,657 | ---- | C] () -- C:\WINDOWS\graphedit.INI
[2008-07-20 14:24:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-07-20 14:24:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-07-20 14:24:07 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-07-20 14:24:07 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-07-20 14:24:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-07-20 14:24:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-05-19 18:21:17 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-05-19 18:03:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-05-14 19:28:05 | 00,042,168 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-05-13 22:33:43 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-05-07 16:48:12 | 00,000,952 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2008-05-06 21:57:16 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2008-05-06 21:42:49 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-05-06 21:36:30 | 00,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2008-02-11 09:39:26 | 00,262,112 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008-02-11 09:39:18 | 00,245,632 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008-02-08 13:53:46 | 00,117,912 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007-07-27 14:49:02 | 00,233,352 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007-07-27 14:49:02 | 00,204,512 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2005-12-05 19:25:22 | 00,146,752 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005-12-05 12:37:10 | 00,113,792 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005-01-02 11:17:16 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-01-02 10:54:24 | 00,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2005-01-02 10:54:18 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005-01-01 23:35:56 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll
[2005-01-01 23:35:56 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2005-01-01 23:35:56 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2005-01-01 23:30:18 | 03,196,014 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2005-01-01 15:43:04 | 00,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2005-01-01 15:42:47 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005-01-01 15:42:46 | 00,005,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005-01-01 15:42:44 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005-01-01 15:41:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2004-12-31 23:40:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001-11-05 14:44:51 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2001-07-21 22:16:20 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2008-05-06 21:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2008-07-18 16:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-10 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom
[2009-08-14 22:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009-11-01 10:11:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2008-05-06 21:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca
[2008-05-06 22:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu
[2008-09-12 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaBit
[2008-09-14 18:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Canon
[2008-09-29 20:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Search Settings
[2009-03-15 13:32:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\ArcaMicroScan
[2009-05-20 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Simply Super Software
[2009-05-26 23:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Stellarium
[2009-07-26 12:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\gtk-2.0
[2009-08-10 18:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\TomTom
[2009-10-31 19:25:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Image Zone Express
[2009-11-14 12:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\id Software
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-11-22 12:22:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia
comment

http://www.forumpc.pl/index.php?showtopic=120614 scan the computer with ComboFix and post the log

aguska1
comment

Here is the log from ComboFix: [log]ComboFix 09-11-21.03 - admin 2009-11-22 13:06.3.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1023.593 [GMT 1:00]
Uruchomiony z: c:\program files\combofix\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Utworzono nowy punkt przywracania
.

((((((((((((((((((((((((( Pliki utworzone od 2009-10-22 do 2009-11-22 )))))))))))))))))))))))))))))))
.

2009-11-22 12:03 . 2009-11-22 12:03 -------- d-----w- c:\program files\combofix
2009-11-22 09:23 . 2009-11-22 09:23 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2009-11-22 09:23 . 2009-11-22 09:23 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2009-11-22 09:23 . 2009-11-22 09:23 -------- d-----r- c:\documents and settings\LocalService\Ulubione
2009-11-20 23:05 . 2009-11-20 23:05 -------- d-sh--w- c:\documents and settings\admin\IECompatCache
2009-11-20 22:46 . 2009-11-20 22:46 -------- d-----w- C:\_OTL
2009-11-20 22:37 . 2009-09-24 07:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-20 22:37 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-20 22:37 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-20 22:37 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\program files\Common Files\PC Tools
2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Tools
2009-11-20 22:37 . 2009-11-20 22:37 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\PC Tools
2009-11-20 22:23 . 2009-11-20 22:23 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Malwarebytes
2009-11-20 22:23 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-20 22:23 . 2009-11-20 22:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2009-11-20 22:23 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-20 22:21 . 2009-11-20 22:21 -------- d-----w- c:\program files\malware
2009-11-20 21:36 . 2009-09-15 11:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-20 21:36 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-20 21:36 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-20 21:36 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-20 21:36 . 2009-09-15 11:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-20 21:36 . 2009-09-15 11:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-20 21:36 . 2009-09-15 11:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-20 21:36 . 2009-09-15 11:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-20 21:36 . 2009-09-15 11:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-20 21:31 . 2009-11-20 21:31 -------- d-----w- c:\program files\spyware
2009-11-19 22:35 . 2009-11-19 22:34 529408 ----a-w- c:\program files\OTL.exe
2009-11-19 22:21 . 2009-11-19 22:21 -------- d-----w- c:\program files\Realtek AC97
2009-11-19 22:21 . 2005-07-15 09:40 3640000 ------r- c:\windows\system32\drivers\alcxwdm.sys
2009-11-19 22:21 . 2005-07-12 07:55 81920 ------r- c:\windows\soundman.exe
2009-11-19 22:21 . 2005-05-18 05:38 40960 ------r- c:\windows\system32\ChCfg.exe
2009-11-19 22:21 . 2004-09-07 06:23 156672 ------r- c:\windows\system32\RtlCPAPI.dll
2009-11-19 22:21 . 2005-07-15 08:30 10457600 ------r- c:\windows\system32\RTLCPL.exe
2009-11-19 22:21 . 2005-06-02 08:31 294912 ------r- c:\windows\alcupd.exe
2009-11-19 22:21 . 2005-06-02 08:43 200704 ------r- c:\windows\alcrmv.exe
2009-11-19 22:18 . 2009-11-19 22:18 -------- d-----w- C:\FOUND.022
2009-11-19 21:36 . 2009-11-19 21:35 395776 ----a-w- c:\windows\system32\CF21274.exe
2009-11-19 21:16 . 2009-11-19 21:16 -------- d-----w- C:\FOUND.021
2009-11-19 17:06 . 2009-11-19 17:06 -------- d-----w- C:\FOUND.020
2009-11-18 21:06 . 2009-11-18 21:06 -------- d-----w- C:\FOUND.019
2009-11-18 08:28 . 2009-11-18 08:28 -------- d-----w- C:\FOUND.018
2009-11-14 12:14 . 2009-11-19 14:43 138504 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-14 11:45 . 2009-11-19 14:43 363584 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\cgamex86.dll
2009-11-14 11:45 . 2009-11-19 11:10 461888 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\qagamex86.dll
2009-11-14 11:45 . 2009-11-14 11:45 -------- d-----w- c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-11-14 11:45 . 2009-11-19 14:43 179264 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\uix86.dll
2009-11-14 11:45 . 2009-11-19 14:43 57344 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\pb\pbag.dll
2009-11-14 11:45 . 2009-11-19 14:43 887856 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\pb\pbcl.dll
2009-11-14 11:45 . 2009-11-19 14:43 2628672 ----a-w- c:\documents and settings\admin\Dane aplikacji\id Software\quakelive\home\baseq3\quakelive.dll
2009-11-14 11:22 . 2009-11-14 11:22 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\id Software
2009-11-14 11:11 . 2009-11-14 11:11 0 ----a-w- c:\windows\nsreg.dat
2009-11-14 11:11 . 2009-11-14 11:11 -------- d-----w- c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\Mozilla
2009-11-12 13:28 . 2009-11-12 13:28 -------- d-----w- C:\FOUND.017
2009-11-01 11:43 . 2009-11-01 11:43 -------- d--h--w- c:\windows\ie8
2009-11-01 11:43 . 2009-11-01 11:43 -------- d-----w- c:\windows\system32\pl-PL
2009-11-01 09:11 . 2009-11-19 14:43 214488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-01 09:11 . 2009-11-14 11:22 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-01 09:11 . 2009-11-14 11:22 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-01 09:11 . 2009-11-01 09:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\id Software
2009-11-01 08:54 . 2009-11-01 08:54 -------- d-sh--w- c:\documents and settings\admin\PrivacIE
2009-11-01 08:50 . 2009-11-01 08:50 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-11-01 08:49 . 2009-11-01 08:49 -------- d-sh--w- c:\documents and settings\admin\IETldCache
2009-11-01 08:47 . 2009-11-01 08:47 -------- d-----w- c:\windows\ie8updates
2009-11-01 08:46 . 2009-11-01 08:46 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-01 08:46 . 2009-11-01 08:46 -------- d--h--w- c:\windows\msdownld.tmp
2009-11-01 08:43 . 2009-10-02 04:44 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-11-01 08:43 . 2009-08-29 07:58 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-11-01 08:43 . 2009-08-29 07:58 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-11-01 08:43 . 2009-08-29 07:58 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-01 08:43 . 2009-08-29 07:58 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-01 08:43 . 2009-08-29 07:58 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-01 08:43 . 2009-08-29 07:58 11069440 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-10-31 18:25 . 2009-10-31 18:25 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Image Zone Express
2009-10-30 13:21 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-10-30 13:21 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-10-30 13:21 . 2001-10-26 15:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-10-30 13:21 . 2001-10-26 15:57 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2009-10-30 13:20 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-10-30 13:20 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2009-10-26 18:46 . 2009-10-26 18:46 17037680 ----a-w- c:\program files\IE8-WindowsXP-x86-PLK.exe

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-22 11:50 . 2009-11-22 11:50 94562 ----a-w- c:\program files\OTL.Txt
2009-11-21 11:27 . 2009-11-19 22:38 93640 ----a-w- c:\program files\OTL1.Txt
2009-10-17 22:18 . 2009-10-17 22:18 -------- d-----w- c:\program files\Conduit
2009-09-07 11:32 . 2009-09-07 11:32 16205198 ----a-w- c:\program files\PhotoScapeSetup_V3.4[www.instalki.pl].exe
2009-08-29 07:58 . 2004-08-03 22:44 916480 ------w- c:\windows\system32\wininet.dll
2009-05-26 22:31 . 2009-05-26 22:31 42911720 ----a-w- c:\program files\stellarium-0.10.2.exe
2009-02-13 20:43 . 2009-02-13 20:43 579724 ----a-w- c:\program files\klawiaturka.exe
2009-01-21 19:17 . 2009-01-21 19:17 7966 ----a-w- c:\program files\startuplist.txt
2009-01-21 19:12 . 2009-01-21 18:53 8519 ----a-w- c:\program files\hijackthis.log
2009-01-21 18:51 . 2009-01-21 18:52 401720 ----a-w- c:\program files\HiJackThis.exe
2008-11-12 19:56 . 2008-11-12 19:56 1984790 ----a-w- c:\program files\fssetup.exe
2008-07-18 15:36 . 2008-07-18 15:36 18337936 ----a-w- c:\program files\sdstart.exe
2006-07-28 07:32 . 2008-12-06 12:10 7005 ----a-w- c:\program files\Eula.txt
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-06 68856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 139264]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-17 4624384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-11-17 86016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-06 155648]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="c:\progra~1\ALWILS~1\ashDisp.exe" [2009-09-15 81000]
"ISTray"="c:\program files\spyware\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-11-17 921600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Quake III Arena\\quake3.exe"=
"c:\\Program Files\\Nero\\Nero Sipps\\Phone.exe"=
"c:\\Program Files\\Gadu-Gadu\\GG.EXE"=
"e:\\MEDALOF HONOR\\mohpa.exe"=
"d:\\eMule\\emule.exe"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"g:\\Fire fox\\firefox.exe"=
"c:\\Documents and Settings\\admin\\Pulpit\\ArcaMicroScan\\ArcaMicroScan.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-20 207280]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-20 20560]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt --> c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [?]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://poczta.interia.pl/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksport do programu Microsoft Excel - d:\micros~1\OFFICE11\OFFICE11\EXCEL.EXE/3000
Trusted Zone: com.pl\mks
DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} - hxxp://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
FF - ProfilePath - c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\i35af83h.default\
FF - prefs.js: browser.startup.homepage - hxxp://poczta.interia.pl/

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
g:\fire fox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-22 13:11
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-776561741-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\iexplore]
@DACL=(02 0000)
"Type"=dword:00000003
"Count"=dword:00000027
"Time"=hex:d8,07,07,00,05,00,12,00,0e,00,24,00,37,00,03,02

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\ProgID]
@DACL=(02 0000)
@="CntntCntr.CntntDic.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\TypeLib]
@DACL=(02 0000)
@="{148E1447-C728-48FD-BEEC-A7D06C5FFF58}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}\VersionIndependentProgID]
@DACL=(02 0000)
@="CntntCntr.CntntDic"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Control]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Implemented Categories]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance]
@DACL=(02 0000)
"CLSID"="{4D5C8C2A-D075-11D0-B416-00C04FB90376}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\MiscStatus]
@DACL=(02 0000)
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ProgID]
@DACL=(02 0000)
@="HBMain.CommBand.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ToolboxBitmap32]
@DACL=(02 0000)
@="c:\\Program Files\\Zango\\bin\\10.3.70.0\\HostIE.dll, 507"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\TypeLib]
@DACL=(02 0000)
@="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Version]
@DACL=(02 0000)
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\VersionIndependentProgID]
@DACL=(02 0000)
@="HBMain.CommBand"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\ProgID]
@DACL=(02 0000)
@="HbCoreSrv.DynamicProp.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\TypeLib]
@DACL=(02 0000)
@="{60F63095-41EC-11D5-B558-00D0B77F0A6D}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}\VersionIndependentProgID]
@DACL=(02 0000)
@="HbCoreSrv.DynamicProp"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\InprocServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\ProgID]
@DACL=(02 0000)
@="ZangoAX.UserProfiles.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\TypeLib]
@DACL=(02 0000)
@="{89085678-632D-4deb-BDA0-CD912C63203E}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}\VersionIndependentProgID]
@DACL=(02 0000)
@="ZangoAX.UserProfiles"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Control]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\MiscStatus]
@DACL=(02 0000)
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\ProgID]
@DACL=(02 0000)
@="Toolbar.ToolbarCtl.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\TypeLib]
@DACL=(02 0000)
@="{C62A9E79-2B52-439B-AF57-2E60BB06E86C}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\Version]
@DACL=(02 0000)
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}\VersionIndependentProgID]
@DACL=(02 0000)
@="Toolbar.ToolbarCtl"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\ProgID]
@DACL=(02 0000)
@="Wallpaper.WallpaperManager.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\TypeLib]
@DACL=(02 0000)
@="{ABEC1835-3181-4ABD-8DDE-875AEC4DF6D2}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{69725738-CD68-4F36-8D02-8C43722EE5DA}\VersionIndependentProgID]
@DACL=(02 0000)
@="Wallpaper.WallpaperManager"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\ProgID]
@DACL=(02 0000)
@="Srv.CoreServices.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\TypeLib]
@DACL=(02 0000)
@="{03D7FF6E-9781-40B5-BB7F-94291A361604}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}\VersionIndependentProgID]
@DACL=(02 0000)
@="Srv.CoreServices"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\ProgID]
@DACL=(02 0000)
@="hbr.HbMain.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\TypeLib]
@DACL=(02 0000)
@="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}\VersionIndependentProgID]
@DACL=(02 0000)
@="hbr.HbMain"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\ProgID]
@DACL=(02 0000)
@="CoreSrv.CoreServices.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\TypeLib]
@DACL=(02 0000)
@="{0729F461-8054-47DC-8D39-A31B61CC0119}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}\VersionIndependentProgID]
@DACL=(02 0000)
@="CoreSrv.CoreServices"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\InprocServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Zango\\bin\\10.3.70.0\\HostIE.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ProgID]
@DACL=(02 0000)
@="HostIE.Bho.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\TypeLib]
@DACL=(02 0000)
@="{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\VersionIndependentProgID]
@DACL=(02 0000)
@="HostIE.Bho"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\LocalServer32]
@DACL=(02 0000)
@="\"c:\\Program Files\\Zango\\bin\\10.3.70.0\\Weather.exe\""

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\ProgID]
@DACL=(02 0000)
@="WeatherDPA.WeatherController.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\TypeLib]
@DACL=(02 0000)
@="{A56FE01C-77C4-4F5E-8198-E4B72207890A}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9473559B-50FC-4A8A-829B-E152E8D6A307}\VersionIndependentProgID]
@DACL=(02 0000)
@="WeatherDPA.WeatherController"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\Control]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\ProgID]
@DACL=(02 0000)
@="HostOL.MailAnim.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\TypeLib]
@DACL=(02 0000)
@="{8292078F-F6E9-412B-8EB1-360C05C5ECE5}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}\VersionIndependentProgID]
@DACL=(02 0000)
@="HostOL.MailAnim"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\ProgID]
@DACL=(02 0000)
@="CntntCntr.CntntDisp.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\TypeLib]
@DACL=(02 0000)
@="{148E1447-C728-48FD-BEEC-A7D06C5FFF58}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}\VersionIndependentProgID]
@DACL=(02 0000)
@="CntntCntr.CntntDisp"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\ProgID]
@DACL=(02 0000)
@="HostOL.WebmailSend.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\TypeLib]
@DACL=(02 0000)
@="{8292078F-F6E9-412B-8EB1-360C05C5ECE5}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}\VersionIndependentProgID]
@DACL=(02 0000)
@="HostOL.WebmailSend"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Control]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\InprocServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\MiscStatus]
@DACL=(02 0000)
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\ProgID]
@DACL=(02 0000)
@="ZangoAX.ClientDetector.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\ToolboxBitmap32]
@DACL=(02 0000)
@="c:\\Program Files\\Zango\\bin\\10.3.70.0\\ZangoSAAX.dll, 101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\TypeLib]
@DACL=(02 0000)
@="{89085678-632D-4deb-BDA0-CD912C63203E}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\Version]
@DACL=(02 0000)
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}\VersionIndependentProgID]
@DACL=(02 0000)
@="ZangoAX.ClientDetector"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\ProgID]
@DACL=(02 0000)
@="Toolbar.HtmlMenuUI.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\TypeLib]
@DACL=(02 0000)
@="{C62A9E79-2B52-439B-AF57-2E60BB06E86C}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}\VersionIndependentProgID]
@DACL=(02 0000)
@="Toolbar.HtmlMenuUI"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(2192)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-11-22 13:13
ComboFix-quarantined-files.txt 2009-11-22 12:13
ComboFix2.txt 2009-04-19 23:02

Przed: 7 748 386 816 bajtów wolnych
Po: 7 917 273 088 bajtów wolnych

- - End Of File - - 9A72032AE167B5BB16A3DF7777703A9D
[/log]

Psycholandia
comment

1. Paste the following into Notepad:

[code]File::
C:\FOUND.022
c:\windows\system32\CF21274.exe
C:\FOUND.021
C:\FOUND.020
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017[/code]

Save the file as [b]CFScript.txt[/b]. Drag it and drop it onto the [b]ComboFix[/b] icon.
Post the log generated after the removal.
