An error 1006 (000003EE) has occured...

kupikur
created

Hello.

The message given in the topic title interrupts the installation of programs. If there is any option that would spare me formatting and reinstalling the system, I would welcome suggestions :) Here are the logs:

[log]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:18:12, on 21.12.2009
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\NetPanel\NetPanel.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NetPanel] "C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel"
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223103555000
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O19 - User stylesheet: (file missing)
O23 - Service: Usługa Google Update (gupdate1c9fc6bf0d68c64) (gupdate1c9fc6bf0d68c64) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 5335 bytes



[/log]

[log]

"Silent Runners.vbs", revision 60, http://www.silentrunners.org/
Operating System: Windows XP SP1
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"swg" = ""C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"" ["Google Inc."]
"Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
"SpybotSD TeaTimer" = "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" ["Safer-Networking Ltd."]
"uTorrent" = ""C:\Program Files\uTorrent\uTorrent.exe"" ["BitTorrent, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"AdslTaskBar" = "rundll32.exe stmctrl.dll,TaskBar" [MS]
"IgfxTray" = "C:\WINDOWS\System32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\System32\hkcmd.exe" ["Intel Corporation"]
"NetPanel" = ""C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel"" [null data]
"VMSnap3" = "C:\WINDOWS\VMSnap3.EXE" ["ZSMCSNAP"]
"Domino" = "C:\WINDOWS\Domino.EXE" ["Vimicro"]

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\
{306D6C21-C1B6-4629-986C-E59E1875B8AF}\(Default) = (no title provided)
\StubPath = ""C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\(Default) = "Skype add-on (mastermind)"
-> {HKLM...CLSID} = "Skype add-on (mastermind)"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]

{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Free Lunch Design Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
\InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll" ["Google Inc."]

{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\(Default) = "IEPluginBHO"
-> {HKLM...CLSID} = "IEPluginBHO Class"
\InProcServer32\(Default) = "C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll" ["GG Network S.A."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{E0D79300-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

"{E0D79301-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

"{E0D79302-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

"{72923739-5A47-40A3-9895-25AF0DFBB9E4}" = "Glary Utilities Context Menu Shell Extension"
-> {HKLM...CLSID} = "Glary Utilities Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL" ["Glarysoft Ltd"]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Glary Utilities\(Default) = "{72923739-5A47-40A3-9895-25AF0DFBB9E4}"
-> {HKLM...CLSID} = "Glary Utilities Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL" ["Glarysoft Ltd"]

WinZip\(Default) = "{E0D79300-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinZip\(Default) = "{E0D79300-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinZip\(Default) = "{E0D79301-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

igfxcui\(Default) = "{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}"
-> {HKLM...CLSID} = "GraphicsShellExt Class"
\InProcServer32\(Default) = "C:\WINDOWS\System32\igfxpph.dll" ["Intel Corporation"]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Glary Utilities\(Default) = "{72923739-5A47-40A3-9895-25AF0DFBB9E4}"
-> {HKLM...CLSID} = "Glary Utilities Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL" ["Glarysoft Ltd"]

WinZip\(Default) = "{E0D79300-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinZip\(Default) = "{E0D79301-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\wzshlext.dll" [null data]


Default executables:
--------------------

<<!>> HKLM\SOFTWARE\Classes\.com\(Default) = "ComFile"


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoDrives" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoDrives" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) dword:0x00000000
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Enabled Scheduled Tasks:
------------------------

"GlaryInitialize" -> launches: "C:\Program Files\Glary Utilities\initialize.exe" ["Glarysoft Ltd"]
"GoogleUpdateTaskMachineCore" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /c" ["Google Inc."]
"GoogleUpdateTaskMachineUA" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler" ["Google Inc."]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 17
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

"{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}"
-> {HKLM...CLSID} = "Free Lunch Design Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "Google Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "Google Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

"{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}"
-> {HKLM...CLSID} = "Free Lunch Design Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}" = "Free Lunch Design Toolbar"
-> {HKLM...CLSID} = "Free Lunch Design Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{32004B8A-44A9-43E7-84E9-808838809519}\(Default) = "Google Side Bar"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

HKLM\SOFTWARE\Classes\CLSID\{65325A88-96A2-48E8-9731-60905A59F78C}\(Default) = "Free Lunch Design Findbar"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{5067A26B-1337-4436-8AFE-EE169C2DA79F}\
"MenuText" = "Skype add-on for Internet Explorer"
"CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}"
-> {HKLM...CLSID} = "Skype add-on (button)"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]

{77BF5300-1474-4EC7-9980-D32B190E9B07}\
"ButtonText" = "Skype"
"CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}"
-> {HKLM...CLSID} = "Skype add-on (button)"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\
"MenuText" = "Spybot - Search && Destroy Configuration"
"CLSIDExtension" = "{53707962-6F74-2D53-2644-206D7942484F}"
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}" = (no title provided)
-> {HKLM...CLSID} = "Free Lunch Design Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Free_Lunch_Design\tbFre0.dll" ["Conduit Ltd."]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Canon BJ Language Monitor i250\Driver = "CNMLM50.DLL" ["CANON INC."]


---------- (launch time: 2009-12-21 13:23:44)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 144 seconds.
---------- (total run time: 476 seconds)

[/log]



Thanks in advance for your help

Mateusz J.
comment

Does the error pop up on every attempt to install programs?
I.e., can programs from a disc be installed, for example? Or do only the downloaded ones have some complication?

Install Service Pack 2.

Provide a log from OTL (see the section rules); the logs you posted contain little information.

kupikur
comment

[quote name='jesiona' date='21 grudzień 2009 - 20:43 ' timestamp='1261424594' post='926952']
Does the error pop up on every attempt to install programs?
I.e., can programs from a disc be installed, for example? Or do only the downloaded ones have some complication?

Install Service Pack 2.

Provide a log from OTL (see the section rules); the logs you posted contain little information.
[/quote]


Some programs install without any problem (including ones downloaded from the net), e.g. Glary Utilities and Opera, but I tried to install the AVG and Avast antivirus programs and that is when this circus started.

Here are those logs

[log]

OTL logfile created on: 22.12.2009 14:44:26 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy

510,00 Mb Total Physical Memory | 279,00 Mb Available Physical Memory | 55,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,61 Gb Total Space | 3,41 Gb Free Space | 18,30% Space Free | Partition Type: NTFS
Drive D: | 146,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 9,31 Gb Total Space | 1,85 Gb Free Space | 19,81% Space Free | Partition Type: FAT32
Drive F: | 9,21 Gb Total Space | 0,20 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive G: | 18,71 Gb Total Space | 0,08 Gb Free Space | 0,43% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BARTOSZ
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2009.12.22 07:43:02 | 00,454,656 | ---- | M] () -- C:\Program Files\NetPanel\NetPanel.exe
PRC - [2009.11.20 19:01:18 | 00,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.05.08 19:14:06 | 00,292,136 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
PRC - [2005.06.21 16:48:18 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2005.06.21 16:44:34 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2002.09.23 13:00:00 | 01,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.09.23 13:00:00 | 00,519,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2002.09.23 13:00:00 | 00,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2002.09.23 13:00:00 | 00,091,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2002.09.23 13:00:00 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2002.09.23 13:00:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2002.09.23 13:00:00 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002.09.23 13:00:00 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2002.09.23 13:00:00 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2002.09.23 13:00:00 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2002.09.23 13:00:00 | 08,365,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2002.09.23 13:00:00 | 01,169,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2002.09.23 13:00:00 | 00,958,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2002.09.23 13:00:00 | 00,945,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2002.09.23 13:00:00 | 00,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
MOD - [2002.09.23 13:00:00 | 00,676,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2002.09.23 13:00:00 | 00,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2002.09.23 13:00:00 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2002.09.23 13:00:00 | 00,561,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2002.09.23 13:00:00 | 00,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2002.09.23 13:00:00 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2002.09.23 13:00:00 | 00,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2002.09.23 13:00:00 | 00,250,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2002.09.23 13:00:00 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2002.09.23 13:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2002.09.23 13:00:00 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2002.09.23 13:00:00 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2002.09.23 13:00:00 | 00,113,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2002.09.23 13:00:00 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2002.09.23 13:00:00 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2002.09.23 13:00:00 | 00,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2002.09.23 13:00:00 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2002.09.23 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2002.09.23 13:00:00 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009.07.04 06:54:45 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9fc6bf0d68c64) Usługa Google Update (gupdate1c9fc6bf0d68c64)
SRV - [2009.06.06 11:55:41 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2002.09.23 13:00:00 | 00,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mspmspsv.dll -- (WmdmPmSp)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009.09.11 20:47:27 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006.08.31 03:30:18 | 00,392,058 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303) X-calibur USB PC Camera (Vimicro301 Neptune)
DRV - [2006.05.25 14:28:44 | 00,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2006.04.25 03:57:42 | 00,428,160 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - [2005.06.21 17:12:34 | 00,807,998 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2003.08.12 13:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003.08.04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002.12.19 17:48:48 | 00,539,008 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2002.11.12 10:02:20 | 00,099,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1000325.sys -- (E1000) Intel(R)
DRV - [2002.10.15 00:00:00 | 00,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002.10.15 00:00:00 | 00,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2002.09.23 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002.08.29 01:32:44 | 00,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002.08.29 00:32:32 | 00,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2002.04.01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001.08.17 20:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001.08.17 20:20:18 | 00,334,208 | ---- | M] (Yamaha Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ds1wdm.sys -- (ds1) Sterownik karty Yamaha DS1 Audio (WDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (IEHlprObj Class) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetPanel\IEHelper.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.EXE (Vimicro)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NetPanel] C:\Program Files\NetPanel\Starter.exe ()
O4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE (ZSMCSNAP)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in Mój komputer)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223103555000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 217.172.224.92
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.04 06:47:42 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.02.13 05:28:46 | 00,000,043 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.12.25 00:39:32 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009.12.22 14:42:18 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2009.12.21 16:13:52 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009.12.21 16:12:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\moje
[2009.12.21 14:16:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009.12.21 13:23:09 | 00,000,000 | ---D | C] -- C:\Silent Runners
[2009.12.21 13:17:47 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009.12.21 13:17:32 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\HJTInstall.exe
[2009.12.21 12:49:26 | 85,541,448 | ---- | C] (AVG Technologies) -- C:\avg_free_stf_eu_90_716a1803.exe
[2009.12.21 12:33:19 | 11,650,440 | ---- | C] (Opera Software ASA ) -- C:\Opera_1010_in_Setup.exe
[2009.12.21 11:45:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GlarySoft
[2009.12.21 11:44:55 | 00,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2009.12.21 11:43:05 | 07,690,576 | ---- | C] (Glarysoft Ltd ) -- C:\gusetupnew.exe
[2009.12.14 15:10:14 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2009.12.14 15:10:14 | 00,036,864 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2009.12.14 15:10:14 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2009.12.14 15:07:39 | 00,000,000 | ---D | C] -- C:\dell
[2009.12.14 15:00:22 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009.12.14 14:59:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009.07.04 06:54:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2008.10.04 06:53:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008.10.04 06:53:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008.10.04 06:47:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008.10.04 06:47:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2009.12.22 14:17:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.12.22 08:20:43 | 00,000,132 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009.12.22 08:17:01 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.22 07:43:08 | 00,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2009.12.22 07:42:43 | 03,932,160 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2009.12.22 07:42:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.22 07:42:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.22 00:29:01 | 00,000,190 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009.12.22 00:28:55 | 02,110,694 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009.12.21 21:38:32 | 00,000,525 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Lekcja.rtf
[2009.12.21 21:36:53 | 00,008,859 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\taka moja ksiązka.rtf
[2009.12.21 14:10:56 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.12.21 14:10:39 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.12.21 14:00:37 | 03,859,344 | R--- | M] () -- C:\ComboFix.exe
[2009.12.21 13:23:09 | 00,002,472 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2009.12.21 13:22:07 | 00,108,568 | ---- | M] () -- C:\Silent Runners.zip
[2009.12.21 13:17:47 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk
[2009.12.21 13:17:33 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\HJTInstall.exe
[2009.12.21 12:53:08 | 85,541,448 | ---- | M] (AVG Technologies) -- C:\avg_free_stf_eu_90_716a1803.exe
[2009.12.21 12:40:48 | 41,387,464 | ---- | M] () -- C:\setuppol.exe
[2009.12.21 12:38:15 | 00,000,597 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2009.12.21 12:33:19 | 11,650,440 | ---- | M] (Opera Software ASA ) -- C:\Opera_1010_in_Setup.exe
[2009.12.21 11:45:00 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Glary Utilities.lnk
[2009.12.21 11:43:04 | 07,690,576 | ---- | M] (Glarysoft Ltd ) -- C:\gusetupnew.exe
[2009.12.20 08:59:14 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.18 20:08:18 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009.12.17 20:22:17 | 00,000,254 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\genetick.rtf
[2009.12.15 17:45:34 | 00,000,280 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Dokument.rtf
[2009.12.09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.12.07 19:58:57 | 12,984,218 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\nie słuchać (fajnie wyszło).wav
[2009.12.06 18:10:55 | 00,000,877 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.12.05 08:57:32 | 08,230,130 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\nawet nawet.wav
[2009.12.01 17:10:54 | 00,000,496 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Stardialer .lnk
[2009.11.28 10:33:07 | 00,000,033 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\sledzik.css
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009.12.21 14:01:30 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009.12.21 14:00:25 | 03,859,344 | R--- | C] () -- C:\ComboFix.exe
[2009.12.21 13:22:07 | 00,108,568 | ---- | C] () -- C:\Silent Runners.zip
[2009.12.21 13:17:47 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk
[2009.12.21 12:40:48 | 41,387,464 | ---- | C] () -- C:\setuppol.exe
[2009.12.21 11:45:02 | 00,000,326 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2009.12.21 11:45:00 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Glary Utilities.lnk
[2009.12.17 20:35:21 | 00,000,525 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Lekcja.rtf
[2009.12.17 20:22:17 | 00,000,254 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\genetick.rtf
[2009.12.14 15:08:39 | 00,002,743 | ---- | C] () -- C:\WINDOWS\System32\net8254x.din
[2009.12.14 14:45:11 | 00,001,316 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009.12.07 19:58:56 | 12,984,218 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\nie słuchać (fajnie wyszło).wav
[2009.12.05 08:57:32 | 08,230,130 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\nawet nawet.wav
[2009.12.01 17:10:54 | 00,000,496 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Stardialer .lnk
[2009.11.28 10:33:07 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\sledzik.css
[2009.11.22 20:23:52 | 00,000,511 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do Dtty3202.exe.lnk
[2009.09.11 15:07:34 | 00,632,025 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2009.06.03 07:22:33 | 00,000,053 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.06.03 07:22:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009.05.10 08:14:31 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.04.24 09:00:55 | 00,002,472 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2009.04.15 16:10:08 | 00,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009.04.10 07:24:37 | 00,000,814 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2009.04.10 07:23:16 | 00,001,342 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2009.04.10 07:11:37 | 00,000,141 | ---- | C] () -- C:\WINDOWS\I_VIEW32.INI
[2009.03.25 19:37:15 | 00,000,572 | ---- | C] () -- C:\WINDOWS\VFPC.INI
[2009.03.16 13:36:48 | 04,162,622 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2009.03.16 13:36:44 | 01,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2009.03.16 13:36:42 | 01,078,954 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2009.03.16 13:36:40 | 01,347,346 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2009.03.16 13:36:38 | 01,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2009.03.16 13:36:38 | 01,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2009.03.16 13:36:38 | 01,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2009.03.16 13:36:38 | 00,916,422 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2009.03.16 13:36:34 | 00,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2009.03.16 13:36:28 | 00,179,125 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2009.03.16 13:36:20 | 00,133,095 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2009.03.16 13:36:16 | 00,087,093 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2009.03.16 13:36:12 | 00,046,002 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008.12.19 19:13:35 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.14 19:40:30 | 00,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2008.12.14 16:44:54 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS50.DLL
[2008.10.04 07:31:02 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2008.10.04 07:31:00 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2008.10.04 07:15:14 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.09.23 13:00:00 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll

[color=#E56717]========== LOP Check ==========[/color]

[2009.03.28 08:44:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EBookSys
[2009.12.21 11:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GlarySoft
[2009.08.19 18:24:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
[2009.08.01 08:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2009.09.11 06:08:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2009.09.08 07:03:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PowerChallenge
[2009.12.22 10:48:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2009.09.12 07:48:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2008.12.28 17:57:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive
[2009.08.31 06:42:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Odlotowa Farma
[2009.08.01 08:22:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009.01.02 09:57:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company
[2009.12.22 07:43:08 | 00,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]


[log]

OTL Extras logfile created on: 22.12.2009 14:44:26 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy

510,00 Mb Total Physical Memory | 279,00 Mb Available Physical Memory | 55,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,61 Gb Total Space | 3,41 Gb Free Space | 18,30% Space Free | Partition Type: NTFS
Drive D: | 146,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 9,31 Gb Total Space | 1,85 Gb Free Space | 19,81% Space Free | Partition Type: FAT32
Drive F: | 9,21 Gb Total Space | 0,20 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive G: | 18,71 Gb Total Space | 0,08 Gb Free Space | 0,43% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BARTOSZ
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{623446F8-D2D4-4942-9CA2-9D71ED8B24E9}" = Football Generation
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7521C56D-A276-4568-A693-2C23C6A9C04F}" = Open Kart Demo
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8B53527D-BBB2-43A5-91D7-9ED772FD737F}" = Skype web features
"{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CANONBJ_Deinstall_CNMCP50.DLL" = Canon i250
"CDex" = CDex extraction audio
"Colin McRae Rally" = Colin McRae Rally
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"Exodia XepiX_is1" = Exodia XepiX 1.0
"Freaky Tuner_is1" = Freaky Tuner 1.0
"Free_Lunch_Design Toolbar" = Free_Lunch_Design Toolbar
"Funny Racer_is1" = Funny Racer v1.0
"Glary Utilities_is1" = Glary Utilities 2.18.0.786
"HijackThis" = HijackThis 2.0.2
"Icy Tower v1.4_is1" = Icy Tower v1.4
"NetPanel" = NetPanel
"PetRacer" = Pet Racer Demo
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"SpeedThief" = SpeedThief (remove only)
"StmAdsl" = ADSL Modem
"Superbike 2000 Demo" = Superbike 2000 Demo
"Toca2" = Toca2
"uTorrent" = µTorrent
"Virtua Fighter PC" = Virtua Fighter(TM) PC
"Winamp" = Winamp (remove only)
"WinZip" = WinZip

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Power Loader" = Power Challenge Game Plugin

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.01.2009 12:24:49 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd taxi usa.exe, wersja 0.0.0.0, moduł powodujący
błąd taxi usa.exe, wersja 0.0.0.0, adres błędu 0x000644b1.

Error - 17.01.2009 02:15:51 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ral.exe, wersja 0.0.0.0, moduł powodujący
błąd ral.exe, wersja 0.0.0.0, adres błędu 0x00010820.

Error - 23.01.2009 13:47:41 | Computer Name = BARTOSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 8.0.0.4487, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 23.01.2009 13:49:10 | Computer Name = BARTOSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 8.0.0.4487, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 24.01.2009 14:24:30 | Computer Name = BARTOSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca START.EXE, wersja 1.2.1.33, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 26.01.2009 14:58:56 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd kartdemo.exe, wersja 1.0.1.0, moduł powodujący
błąd binkw32.dll, wersja 1.0.21.0, adres błędu 0x00023383.

Error - 30.01.2009 06:03:02 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd mxvsatv.exe, wersja 0.0.0.0, moduł powodujący
błąd mxvsatv.exe, wersja 0.0.0.0, adres błędu 0x00047857.

Error - 30.01.2009 06:03:28 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd mxvsatv.exe, wersja 0.0.0.0, moduł powodujący
błąd mxvsatv.exe, wersja 0.0.0.0, adres błędu 0x00047857.

Error - 30.01.2009 14:21:34 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd mxvsatv.exe, wersja 0.0.0.0, moduł powodujący
błąd mxvsatv.exe, wersja 0.0.0.0, adres błędu 0x00047857.

Error - 30.01.2009 14:26:31 | Computer Name = BARTOSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd mxvsatv.exe, wersja 0.0.0.0, moduł powodujący
błąd mxvsatv.exe, wersja 0.0.0.0, adres błędu 0x00047857.

[ System Events ]
Error - 09.01.2009 02:45:55 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:05 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:14 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:23 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:32 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:41 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:50 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 02:46:59 | Computer Name = BARTOSZ | Source = Cdrom | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0.

Error - 09.01.2009 10:57:38 | Computer Name = BARTOSZ | Source = IdeChnDr | ID = 262153
Description = Urządzenie \Device\Ide\IdeDeviceP0T0L0 nie odpowiedziało w ramach
ustalonego limitu czasu.

Error - 13.01.2009 04:15:09 | Computer Name = BARTOSZ | Source = System Error | ID = 1003
Description = Kod błędu 000000c2, parametr 1 00000007, parametr 2 00000cd4, parametr
3 04140414, parametr 4 e11f6388.


< End of report >

[/log]

Guest
comment (edited)

Run OTL and paste this into the [b]Custom Scans/Fixes[/b] window:
[code]
:OTL
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O32 - AutoRun File - [2006.02.13 05:28:46 | 00,000,043 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]

:Files
C:\RECYCLER
C:\WINDOWS\temp
C:\Silent Runners
C:\HJTInstall.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\ComboFix.exe
C:\Silent Runners.zip
C:\setuppol.exe
C:\WINDOWS\PEV.exe
C:\WINDOWS\MBR.exe
C:\Documents and Settings\Administrator\Dane aplikacji\PowerChallenge
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive
C:\Documents and Settings\All Users\Dane aplikacji\Odlotowa Farma
C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company
C:\Program Files\Free_Lunch_Design

:Commands
[emptytemp]
[resethosts]
[Reboot]
[/code]
Click [b][color=red]Run Fix[/color][/b] and confirm the computer restart.

Then run OTL again, this time choosing the [b][color=blue]Run Scan[/color][/b] option.
Post the new OTL.txt log and the log from the cleanup.


.

kupikur
comment

[quote name='KamilJB' date='22 grudzień 2009 - 15:59 ' timestamp='1261493945' post='927388']
Run OTL and paste this into the [b]Custom Scans/Fixes[/b] window:
[code]
:OTL
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O32 - AutoRun File - [2006.02.13 05:28:46 | 00,000,043 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]

:Files
C:\RECYCLER
C:\WINDOWS\temp
C:\Silent Runners
C:\HJTInstall.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\ComboFix.exe
C:\Silent Runners.zip
C:\setuppol.exe
C:\WINDOWS\PEV.exe
C:\WINDOWS\MBR.exe
C:\Documents and Settings\Administrator\Dane aplikacji\PowerChallenge
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive
C:\Documents and Settings\All Users\Dane aplikacji\Odlotowa Farma
C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company
C:\Program Files\Free_Lunch_Design

:Commands
[emptytemp]
[resethosts]
[Reboot]
[/code]
Click [b][color=red]Run Fix[/color][/b] and confirm the computer restart.

Then run OTL again, this time choosing the [b][color=blue]Run Scan[/color][/b] option.
Post the new OTL.txt log and the log from the cleanup.


[/quote]


Here is the result of the cleanup:

[log]

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\ deleted successfully.
C:\Program Files\Free_Lunch_Design\tbFre0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\ not found.
File C:\Program Files\Free_Lunch_Design\tbFre0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\ not found.
File C:\Program Files\Free_Lunch_Design\tbFre0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}\ not found.
File C:\Program Files\Free_Lunch_Design\tbFre0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}\ not found.
File C:\Program Files\Free_Lunch_Design\tbFre0.dll not found.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {33564D57-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wmv9dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
File move failed. D:\Autorun.inf scheduled to be moved on reboot.
========== FILES ==========
C:\RECYCLER\S-1-5-21-1202660629-1972579041-682003330-500 folder moved successfully.
C:\RECYCLER folder moved successfully.
C:\WINDOWS\temp folder moved successfully.
C:\Silent Runners folder moved successfully.
C:\HJTInstall.exe moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GlaryInitialize.job moved successfully.
C:\ComboFix.exe moved successfully.
C:\Silent Runners.zip moved successfully.
C:\setuppol.exe moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\MBR.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\PowerChallenge folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper\temp folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper\content folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive\Demo gry Mój brat niedźwiedź\System\Save\Slot0 folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive\Demo gry Mój brat niedźwiedź\System\Save folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive\Demo gry Mój brat niedźwiedź\System folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive\Demo gry Mój brat niedźwiedź folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Odlotowa Farma\profiles folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Odlotowa Farma folder moved successfully.
Folder move failed. C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company\Batman scheduled to be moved on reboot.
C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company folder moved successfully.
C:\Program Files\Free_Lunch_Design folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 1925 bytes
->Temporary Internet Files folder emptied: 96348558 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: furaa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1677641 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 94,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.1.19.0 log created on 12232009_115058

Files\Folders moved on Reboot...
File move failed. D:\Autorun.inf scheduled to be moved on reboot.
File\Folder C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company\Batman not found!

Registry entries deleted on Reboot...

[/log]

and the next one

[log]

OTL logfile created on: 23.12.2009 11:58:33 - Run 2
OTL by OldTimer - Version 3.1.19.0 Folder = C:\
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy

510,00 Mb Total Physical Memory | 169,00 Mb Available Physical Memory | 33,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,61 Gb Total Space | 3,48 Gb Free Space | 18,71% Space Free | Partition Type: NTFS
Drive D: | 146,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 9,31 Gb Total Space | 1,85 Gb Free Space | 19,81% Space Free | Partition Type: FAT32
Drive F: | 9,21 Gb Total Space | 0,20 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive G: | 18,71 Gb Total Space | 0,08 Gb Free Space | 0,42% Space Free | Partition Type: FAT32
Drive H: | 1,90 Gb Total Space | 1,47 Gb Free Space | 77,42% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: BARTOSZ
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2009.12.23 11:53:14 | 00,454,656 | ---- | M] () -- C:\Program Files\NetPanel\NetPanel.exe
PRC - [2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2009.11.20 19:01:18 | 00,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.07.04 06:54:45 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009.03.05 15:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.07.18 21:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2006.08.30 03:58:38 | 00,049,152 | R--- | M] (ZSMCSNAP) -- C:\WINDOWS\VMSnap3.EXE
PRC - [2006.06.28 10:54:06 | 00,049,152 | R--- | M] (Vimicro) -- C:\WINDOWS\Domino.EXE
PRC - [2005.06.21 16:48:18 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2005.06.21 16:44:34 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2002.09.23 13:00:00 | 01,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.09.23 13:00:00 | 00,519,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2002.09.23 13:00:00 | 00,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2002.09.23 13:00:00 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
PRC - [2002.09.23 13:00:00 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2002.09.23 13:00:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2002.09.23 13:00:00 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2002.09.23 13:00:00 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2002.09.23 13:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2002.09.23 13:00:00 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2002.09.23 13:00:00 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2002.09.23 13:00:00 | 08,365,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2002.09.23 13:00:00 | 01,169,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2002.09.23 13:00:00 | 00,958,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2002.09.23 13:00:00 | 00,945,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2002.09.23 13:00:00 | 00,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
MOD - [2002.09.23 13:00:00 | 00,676,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2002.09.23 13:00:00 | 00,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2002.09.23 13:00:00 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2002.09.23 13:00:00 | 00,561,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2002.09.23 13:00:00 | 00,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2002.09.23 13:00:00 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2002.09.23 13:00:00 | 00,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2002.09.23 13:00:00 | 00,250,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2002.09.23 13:00:00 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2002.09.23 13:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2002.09.23 13:00:00 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2002.09.23 13:00:00 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2002.09.23 13:00:00 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2002.09.23 13:00:00 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2002.09.23 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2002.09.23 13:00:00 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009.07.04 06:54:45 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9fc6bf0d68c64) Usługa Google Update (gupdate1c9fc6bf0d68c64)
SRV - [2009.06.06 11:55:41 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2002.09.23 13:00:00 | 00,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mspmspsv.dll -- (WmdmPmSp)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009.09.11 20:47:27 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006.08.31 03:30:18 | 00,392,058 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303) X-calibur USB PC Camera (Vimicro301 Neptune)
DRV - [2006.05.25 14:28:44 | 00,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2006.04.25 03:57:42 | 00,428,160 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - [2005.06.21 17:12:34 | 00,807,998 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2003.08.12 13:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003.08.04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002.12.19 17:48:48 | 00,539,008 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2002.11.12 10:02:20 | 00,099,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1000325.sys -- (E1000) Intel(R)
DRV - [2002.10.15 00:00:00 | 00,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002.10.15 00:00:00 | 00,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2002.09.23 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002.08.29 01:32:44 | 00,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002.08.29 00:32:32 | 00,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2002.04.01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001.08.17 20:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001.08.17 20:20:18 | 00,334,208 | ---- | M] (Yamaha Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ds1wdm.sys -- (ds1) Sterownik karty Yamaha DS1 Audio (WDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (98 bytes) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (IEHlprObj Class) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetPanel\IEHelper.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.EXE (Vimicro)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NetPanel] C:\Program Files\NetPanel\Starter.exe ()
O4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE (ZSMCSNAP)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in Mój komputer)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223103555000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 217.172.224.92
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.04 06:47:42 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.02.13 05:28:46 | 00,000,043 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.12.25 00:39:32 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009.12.23 11:53:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\TEMP
[2009.12.23 11:51:33 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009.12.23 11:50:58 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.12.22 14:42:18 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2009.12.21 16:12:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\moje
[2009.12.21 13:17:47 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009.12.21 12:49:26 | 85,541,448 | ---- | C] (AVG Technologies) -- C:\avg_free_stf_eu_90_716a1803.exe
[2009.12.21 12:33:19 | 11,650,440 | ---- | C] (Opera Software ASA ) -- C:\Opera_1010_in_Setup.exe
[2009.12.21 11:45:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GlarySoft
[2009.12.21 11:44:55 | 00,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2009.12.21 11:43:05 | 07,690,576 | ---- | C] (Glarysoft Ltd ) -- C:\gusetupnew.exe
[2009.12.14 15:10:14 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2009.12.14 15:10:14 | 00,036,864 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2009.12.14 15:10:14 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2009.12.14 15:07:39 | 00,000,000 | ---D | C] -- C:\dell
[2009.12.14 15:00:22 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009.12.14 14:59:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009.07.04 06:54:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2008.10.04 06:53:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008.10.04 06:53:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008.10.04 06:47:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008.10.04 06:47:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009.12.23 11:52:58 | 03,932,160 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2009.12.23 11:52:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.23 11:52:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.23 11:51:45 | 00,000,190 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009.12.23 11:51:34 | 00,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2009.12.23 11:44:19 | 00,000,132 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009.12.23 11:17:02 | 03,558,922 | ---- | M] () -- C:\Dla Ciebie - Focus.mp3
[2009.12.23 11:08:34 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009.12.23 09:58:41 | 02,108,722 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009.12.22 16:23:39 | 00,008,911 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\taka moja ksiązka.rtf
[2009.12.22 14:42:18 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2009.12.21 21:38:32 | 00,000,525 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Lekcja.rtf
[2009.12.21 14:10:56 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.12.21 13:23:09 | 00,002,472 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2009.12.21 13:17:47 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk
[2009.12.21 12:53:08 | 85,541,448 | ---- | M] (AVG Technologies) -- C:\avg_free_stf_eu_90_716a1803.exe
[2009.12.21 12:38:15 | 00,000,597 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2009.12.21 12:33:19 | 11,650,440 | ---- | M] (Opera Software ASA ) -- C:\Opera_1010_in_Setup.exe
[2009.12.21 11:45:00 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Glary Utilities.lnk
[2009.12.21 11:43:04 | 07,690,576 | ---- | M] (Glarysoft Ltd ) -- C:\gusetupnew.exe
[2009.12.20 08:59:14 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.17 20:22:17 | 00,000,254 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\genetick.rtf
[2009.12.15 17:45:34 | 00,000,280 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Dokument.rtf
[2009.12.06 18:10:55 | 00,000,877 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.12.01 17:10:54 | 00,000,496 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Stardialer .lnk
[2009.11.28 10:33:07 | 00,000,033 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\sledzik.css
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009.12.23 11:17:02 | 03,558,922 | ---- | C] () -- C:\Dla Ciebie - Focus.mp3
[2009.12.21 13:17:47 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk
[2009.12.21 11:45:00 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Glary Utilities.lnk
[2009.12.17 20:35:21 | 00,000,525 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Lekcja.rtf
[2009.12.17 20:22:17 | 00,000,254 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\genetick.rtf
[2009.12.14 15:08:39 | 00,002,743 | ---- | C] () -- C:\WINDOWS\System32\net8254x.din
[2009.12.14 14:45:11 | 00,001,316 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009.12.01 17:10:54 | 00,000,496 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Stardialer .lnk
[2009.11.28 10:33:07 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\sledzik.css
[2009.09.11 15:07:34 | 00,632,025 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2009.06.03 07:22:33 | 00,000,053 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.06.03 07:22:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009.05.10 08:14:31 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.04.24 09:00:55 | 00,002,472 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2009.04.15 16:10:08 | 00,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009.04.10 07:24:37 | 00,000,814 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2009.04.10 07:23:16 | 00,001,342 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2009.04.10 07:11:37 | 00,000,141 | ---- | C] () -- C:\WINDOWS\I_VIEW32.INI
[2009.03.25 19:37:15 | 00,000,572 | ---- | C] () -- C:\WINDOWS\VFPC.INI
[2009.03.16 13:36:48 | 04,162,622 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2009.03.16 13:36:44 | 01,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2009.03.16 13:36:42 | 01,078,954 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2009.03.16 13:36:40 | 01,347,346 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2009.03.16 13:36:38 | 01,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2009.03.16 13:36:38 | 01,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2009.03.16 13:36:38 | 01,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2009.03.16 13:36:38 | 00,916,422 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2009.03.16 13:36:34 | 00,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2009.03.16 13:36:28 | 00,179,125 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2009.03.16 13:36:20 | 00,133,095 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2009.03.16 13:36:16 | 00,087,093 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2009.03.16 13:36:12 | 00,046,002 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008.12.19 19:13:35 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.14 19:40:30 | 00,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2008.12.14 16:44:54 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS50.DLL
[2008.10.04 07:31:02 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2008.10.04 07:31:00 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2008.10.04 07:15:14 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.09.23 13:00:00 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll

[color=#E56717]========== LOP Check ==========[/color]

[2009.03.28 08:44:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EBookSys
[2009.12.21 11:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GlarySoft
[2009.08.19 18:24:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
[2009.08.01 08:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2009.09.11 06:08:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2009.12.23 11:54:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2009.08.01 08:22:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[color=#E56717]========== Purity Check ==========[/color]


< End of report >

[/log]

Regards.

Guest
comment

Clean.

Run OTL and use its [b]CleanUp[/b] option.
