Zabxjca utworzono 15 stycznia 2010 utworzono 15 stycznia 2010 (edytowane) Witam! Ponieważ mam pewien problem opisany w tym temacie: http://www.forumpc.pl/index.php?showtopic=140680 Proszę o sprawdzenie logów: [log] OTL logfile created on: 2010-01-04 20:39:31 - Run 1 OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 123,00 Mb Available Physical Memory | 24,00% Memory free 1,00 Gb Paging File | 0,00 Gb Available in Paging File | 17,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 21,49 Gb Total Space | 1,52 Gb Free Space | 7,06% Space Free | Partition Type: NTFS Drive D: | 88,36 Gb Total Space | 2,92 Gb Free Space | 3,31% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZABXJCA Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (All) ========== PRC - [2010-01-04 20:38:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2009-12-18 01:31:52 | 01,551,712 | ---- | M] (Nullsoft) -- D:\Program Files\Winamp\winamp.exe PRC - [2009-12-18 01:30:48 | 00,039,424 | ---- | M] (Nullsoft) -- D:\Program Files\Winamp\winampa.exe PRC - [2009-10-29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2009-09-07 09:24:36 | 00,923,208 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2009-08-31 17:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- D:\Program Files\Nowe Gadu-Gadu\gg.exe PRC - [2009-08-31 15:56:26 | 00,077,824 | ---- | M] () -- D:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-08-24 13:17:44 | 01,123,400 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2009-08-24 13:17:42 | 01,045,576 | ---- | M] (G DATA Software AG) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe PRC - [2009-08-24 13:17:42 | 00,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2009-08-03 13:49:26 | 01,538,352 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe PRC - [2009-07-30 12:33:30 | 01,244,760 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe PRC - [2009-07-27 03:03:58 | 00,300,616 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe PRC - [2009-06-11 10:24:35 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-06-11 10:24:35 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-04-09 19:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe PRC - [2009-02-26 09:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2008-12-29 11:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2007-07-27 20:24:48 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2007-07-13 23:42:04 | 00,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-04-16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2007-03-23 00:57:28 | 00,035,840 | ---- | M] () -- D:\Program Files\Advanced Registry Doctor\RegManServ.exe PRC - [2006-11-24 00:06:38 | 00,487,424 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2006-11-13 14:17:38 | 00,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2006-10-13 08:11:16 | 00,983,040 | R--- | M] (Obigo AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2006-03-30 08:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2004-09-29 09:37:26 | 00,028,672 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2004-09-29 01:16:44 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2004-08-04 01:44:30 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 01:44:30 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 01:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 01:44:28 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 01:44:28 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 01:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 01:44:22 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 01:44:20 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 01:44:20 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 01:44:18 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2003-11-27 02:34:50 | 00,385,024 | ---- | M] (WirelessLan Technology, Corp.) -- C:\Program Files\WLAN\WConfig\WConfig.exe PRC - [2001-02-23 09:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe ========== Modules (All) ========== MOD - [2010-01-04 20:38:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe MOD - [2007-07-28 02:15:16 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2007-07-27 20:31:00 | 01,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2007-07-27 20:30:34 | 00,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2007-07-27 20:30:20 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2007-07-27 20:26:02 | 00,582,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2007-07-27 20:25:14 | 01,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2007-07-27 20:24:02 | 00,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2007-07-14 02:39:30 | 12,901,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-07-13 23:54:58 | 00,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2007-07-10 14:06:54 | 00,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2007-05-11 10:51:24 | 01,271,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-08-25 09:51:14 | 01,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x- ww_ac3f9c03\comctl32.dll MOD - [2004-08-04 01:44:32 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 01:44:16 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 01:44:14 | 00,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 01:44:14 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 01:44:12 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 01:44:10 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 01:44:10 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 01:44:10 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 01:44:08 | 00,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 01:44:08 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 01:44:08 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 01:44:06 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll MOD - [2004-08-04 01:44:00 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-04 01:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 01:43:52 | 00,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 01:43:48 | 00,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-04 01:42:58 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Findbasic Service) SRV - [2009-11-03 11:14:16 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-10-29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2009-08-24 13:17:42 | 01,045,576 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2009-08-24 13:17:42 | 00,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2009-08-03 13:49:26 | 01,538,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc) SRV - [2009-07-30 12:33:30 | 01,244,760 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2009-07-27 03:03:58 | 00,300,616 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2009-06-11 10:24:35 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2007-11-07 08:58:18 | 03,004,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90) SRV - [2007-03-23 00:57:28 | 00,035,840 | ---- | M] () [Auto | Running] -- D:\Program Files\Advanced Registry Doctor\RegManServ.exe -- (RegManServ) SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-03-30 08:15:44 | 00,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005-11-14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-09-29 06:15:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2004-09-29 01:16:44 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2004-08-04 01:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon) ========== Driver Services (SafeList) ========== DRV - [2009-11-02 11:49:45 | 00,068,976 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2009-11-02 11:27:33 | 00,053,320 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2009-11-02 11:26:42 | 00,034,632 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2009-11-02 11:25:30 | 00,051,784 | ---- | M] (G DATA Software AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2009-11-02 11:25:30 | 00,022,528 | ---- | M] (G DATA Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDNdisIc.sys -- (GDNdisIc) DRV - [2009-11-02 11:25:25 | 00,027,720 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2009-09-25 13:39:00 | 00,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-09-25 13:39:00 | 00,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-09-23 10:41:58 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-09-13 13:40:43 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2009-05-25 18:50:34 | 00,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009-04-28 21:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2009-04-27 19:39:08 | 00,079,888 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009-04-18 20:21:30 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-10-14 00:03:46 | 00,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vncmirror.sys -- (vncmirror) DRV - [2008-09-24 09:40:22 | 04,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008-09-04 06:28:22 | 00,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2008-09-04 06:27:54 | 00,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2008-09-04 06:27:28 | 00,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2008-08-14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs) DRV - [2008-02-22 18:53:00 | 00,016,168 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GearAspiWDM) DRV - [2007-07-28 02:15:52 | 00,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112) DRV - [2007-07-28 02:15:50 | 00,087,936 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus) DRV - [2007-07-27 20:47:02 | 00,035,840 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2007-04-18 14:06:30 | 00,022,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mac606.sys -- (Mac606) DRV - [2006-11-30 14:14:22 | 00,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM) DRV - [2006-11-30 14:14:14 | 00,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex) DRV - [2006-11-30 14:14:10 | 00,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM) DRV - [2006-11-30 14:14:10 | 00,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS) DRV - [2006-11-30 14:14:04 | 00,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdm.sys -- (se45mdm) DRV - [2006-11-30 14:14:04 | 00,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdfl.sys -- (se45mdfl) DRV - [2006-11-30 14:13:56 | 00,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM) DRV - [2006-11-01 05:01:56 | 00,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3) DRV - [2004-10-05 09:38:16 | 00,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004-10-05 09:38:12 | 00,033,280 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-09-29 01:22:22 | 00,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-09-20 23:09:10 | 00,186,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2003-10-31 08:47:30 | 00,061,056 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2400.sys -- (RT2400PCI) DRV - [2003-09-06 14:37:22 | 00,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2003-09-06 13:27:06 | 00,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-09-06 13:25:52 | 00,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2003-09-06 13:22:08 | 00,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-04-15 09:16:48 | 00,008,236 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 -- (MarkFun_NT) DRV - [2001-08-18 00:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2001-08-17 22:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-343818398-746137067-682003330-500\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) IE - HKU\S-1-5-21-343818398-746137067-682003330-500\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) IE - HKU\S-1-5-21-343818398-746137067-682003330-500\S-1-5-21-343818398-746137067-682003330-500\ Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaultthis.engineName: "Ez_Themes Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast- chromesbox-en-us&query=" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=196149" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}:4.0 FF - prefs.js..extensions.enabledItems: {2e736c18-1da3-4482-a3ad-c0d490e48204}:1.5.48.2 FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.2 FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=196149&p=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-03 16:21:26 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-03 16:21:26 | 00,000,000 | ---D | M] [2009-04-15 19:02:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2010-01-03 19:00:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\extensions [2010-01-03 19:00:22 | 00,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\extensions\{12e4c684- c03e-4e4d-85bc-0c065e7a9489} [2009-07-27 12:38:43 | 00,000,000 | ---D | M] (Ez Themes Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\extensions\{2e736c18- 1da3-4482-a3ad-c0d490e48204} [2009-11-11 11:46:19 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\extensions\{E9A1DEE0- C623-4439-8932-001E7D17607D} [2009-11-11 11:47:32 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\searchplugins\ask.xml [2009-01-15 19:13:46 | 00,000,880 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\searchplugins\conduit. xml [2010-01-03 19:00:56 | 00,001,184 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\btkkld86.default\searchplugins\winamp- search.xml [2010-01-03 19:00:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-05-20 17:11:31 | 00,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} [2009-11-02 11:26:06 | 00,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2009-09-23 14:18:40 | 00,000,000 | ---D | M] (Findbasic) -- C:\Program Files\Mozilla Firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63} [2009-09-03 06:17:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com [2009-10-05 09:37:42 | 00,364,544 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\hjmressacdxwlzk.dll [2009-12-18 01:31:54 | 00,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2009-12-20 15:24:37 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-20 15:24:37 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-07-27 12:36:26 | 00,002,393 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\findbasic114.xml [2009-07-27 12:39:30 | 00,002,393 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\findbasic115.xml [2009-09-03 06:11:57 | 00,002,393 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\findbasic121.xml [2009-09-23 14:18:40 | 00,002,393 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\findbasic125.xml [2009-12-20 15:24:37 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-20 15:24:37 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-20 15:24:37 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-20 15:24:37 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (no name) - {8037d0c6-58fe-6293-4a58-53ff50ee3ff1} - No CLSID value found. O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) O2 - BHO: (precisead search enhancer) - {CEB284BD-FE09-111E-BEAA-FB012152536F} - C:\Program Files\Mozilla Firefox\components\hjmressacdxwlzk.dll () O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (BrowserHelper Class) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\system32\nzdd.dll (RealNetworks, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-343818398-746137067-682003330-500\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [vsxasqrftosolq] C:\WINDOWS\System32\hhsxgmjgtzjfwpye.dll File not found O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe (Nullsoft) O4 - HKU\.DEFAULT..\Run: [] File not found O4 - HKU\.DEFAULT..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-18..\Run: [] File not found O4 - HKU\S-1-5-18..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [Free Download Manager] D:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG) O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [fsm] File not found O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [Nowe Gadu-Gadu] D:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RealDownload.lnk = C:\Program Files\Real\RealDownload\Realdownload.exe (RealNetworks, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WConfig.lnk = C:\Program Files\WLAN\WConfig\WConfig.exe (WirelessLan Technology, Corp.) F3 - HKU\S-1-5-21-343818398-746137067-682003330-500 WinNT: Load - (C:\WINDOWS\svchost.exe) - C:\WINDOWS\svchost.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer: NoDesktop = 0 O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - D:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w Free Download Manager - D:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - D:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - D:\Program Files\Free Download Manager\dlselected.htm () O9 - Extra Button: WebCloner - {ADFCCE65-DF10-46fd-B04A-53CCBE2A0795} - D:\Program Files\ProductsFoundry\WebCloner Standard 2.7\webcloner.exe File not found O9 - Extra 'Tools' menuitem : &WebCloner - {ADFCCE65-DF10-46fd-B04A-53CCBE2A0795} - D:\Program Files\ProductsFoundry\WebCloner Standard 2.7\webcloner.exe File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.34.112.55 193.34.112.18 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Bieżąca strona główna) - about:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-14 20:45:03 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{6cc2a4fd-292d-11de-b5b0-943793e90834}\Shell - "" = AutoRun O33 - MountPoints2\{6cc2a4fd-292d-11de-b5b0-943793e90834}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-04-14 20:44:38 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation) NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2010-01-04 20:37:29 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-01-03 21:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-01-03 16:44:07 | 00,000,000 | ---D | C] -- C:\Program Files\SHOUTcast Radio Toolbar [2010-01-03 16:44:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar [2010-01-03 16:18:52 | 00,044,944 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [2010-01-03 16:18:51 | 00,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-01-03 16:18:51 | 00,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-01-03 16:18:50 | 00,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2010-01-03 16:18:49 | 00,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2010-01-03 16:18:48 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-01-03 16:18:47 | 00,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010-01-03 16:18:46 | 01,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010-01-03 16:18:43 | 00,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-01-03 16:18:40 | 00,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-01-03 16:18:39 | 00,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-01-03 16:18:38 | 00,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-01-03 16:18:36 | 00,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-01-03 16:18:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp [2010-01-03 15:21:59 | 11,299,336 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\Administrator\Pulpit\winamp557_full_emusic-7plus_pl-pl.exe [2010-01-01 19:50:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2010-01-01 19:45:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Device Emulator [2010-01-01 19:41:08 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Mobile 5.0 SDK R2 [2010-01-01 19:04:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PreEmptive Solutions [2010-01-01 18:44:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\symbols [2010-01-01 18:34:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-01-01 18:34:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules [2010-01-01 18:34:50 | 00,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop [2010-01-01 18:34:50 | 00,000,000 | ---D | C] -- C:\Program Files\CE Remote Tools [2010-01-01 18:34:49 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2010-01-01 18:34:27 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2010-01-01 18:29:47 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Web Designer Tools [2010-01-01 18:27:48 | 00,000,000 | RH-D | C] -- C:\MSOCache [2010-01-01 16:16:59 | 00,000,000 | ---D | C] -- C:\Program Files\xerox [2010-01-01 16:16:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010-01-01 16:16:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2010-01-01 16:16:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2010-01-01 16:16:56 | 00,000,000 | ---D | C] -- C:\Program Files\netmeeting [2010-01-01 16:16:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent [2010-01-01 16:16:56 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2010-01-01 14:50:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GHISLER [2009-12-31 15:55:50 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\sfc_os.dll [2009-12-31 15:45:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Software Informer [2009-12-31 15:45:34 | 00,000,000 | ---D | C] -- C:\Program Files\Software Informer [2009-12-31 15:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2009-12-31 15:44:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2009-12-26 23:22:54 | 00,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player [2009-12-26 23:18:51 | 00,000,000 | ---D | C] -- C:\My Music [2009-12-26 23:18:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\RichFX [2009-12-26 23:18:26 | 01,150,976 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\nzdd.dll [2009-12-26 23:18:16 | 00,000,000 | ---D | C] -- C:\My Download Files [2009-12-26 23:17:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2009-12-26 23:17:05 | 00,000,000 | ---D | C] -- C:\Program Files\Real [2009-12-26 23:17:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real [2009-12-15 23:20:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\restore [2009-12-15 17:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\hps [2009-12-09 18:14:34 | 00,000,000 | ---D | C] -- C:\Program Files\FT32B2 [2009-12-07 20:55:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Karaoke [2009-12-07 20:52:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Ściągnięte Karaoke [2009-12-07 20:52:43 | 00,000,000 | ---D | C] -- C:\Program Files\illiminable [2009-12-07 20:52:42 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL [2009-12-07 20:52:41 | 00,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-12-07 20:52:41 | 00,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2009-04-18 13:08:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-04-17 07:28:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-04-15 19:18:49 | 00,163,840 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll [2009-04-14 20:49:22 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-04-14 20:49:22 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-01-04 20:38:07 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-01-04 16:35:32 | 00,000,071 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\listen.pls [2010-01-03 16:21:43 | 00,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-01-03 16:21:36 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-01-03 15:59:28 | 11,299,336 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\Administrator\Pulpit\winamp557_full_emusic-7plus_pl-pl.exe [2010-01-03 15:53:44 | 02,179,836 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\shoutcast-dsp-1-9-0-windows.exe [2010-01-02 18:18:44 | 04,933,437 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ws.mp3 [2010-01-01 21:21:45 | 00,063,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-01-01 21:19:53 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-01-01 21:19:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-01-01 21:19:49 | 00,247,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-01-01 18:23:15 | 00,003,011 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2010-01-01 16:16:57 | 00,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-01-01 14:59:43 | 00,000,917 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Fifa 98 - Road To World Cup.lnk [2010-01-01 14:46:05 | 00,000,913 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gothic II Złota Edycja.lnk [2010-01-01 02:13:06 | 00,000,624 | ---- | M] () -- C:\WINDOWS\win.ini [2009-12-31 15:45:10 | 00,000,554 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk [2009-12-31 13:57:22 | 00,001,146 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Advanced Registry Doctor.lnk [2009-12-31 13:57:22 | 00,000,988 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Registry Toolkit.lnk [2009-12-29 22:07:12 | 00,000,292 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2009-12-29 22:06:31 | 02,112,948 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-12-26 23:18:43 | 00,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RealDownload.lnk [2009-12-26 23:18:26 | 01,150,976 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\nzdd.dll [2009-12-25 18:03:41 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-25 16:23:38 | 00,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat [2009-12-25 16:10:53 | 00,000,724 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Gothic PL.lnk [2009-12-24 20:57:41 | 00,000,983 | ---- | M] () -- C:\WINDOWS\wbocx.ini [2009-12-23 18:19:29 | 00,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hitman - Codename 47.lnk [2009-12-22 17:04:56 | 00,016,283 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\ePSXeCutor.reg [2009-12-15 19:17:09 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RunPOL.lnk [2009-12-15 18:40:00 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\folwark rozprawka.doc [2009-12-15 16:03:10 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rossmann Fotoswiat.lnk [2009-12-14 20:03:22 | 01,805,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\bal.doc [2009-12-13 16:27:16 | 00,000,455 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-13 16:26:10 | 00,002,829 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Dsj.pif [2009-12-11 20:32:30 | 00,064,974 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\transfer_new_091207_224432.pdf [2009-12-11 20:32:30 | 00,064,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\transfer_new_091207_224028.pdf [2009-12-07 20:52:42 | 00,413,696 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-12-07 20:52:41 | 00,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2009-12-07 20:52:37 | 00,000,871 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Uruchom Karaoke for Fun - Polski MuzykoPak 80.lnk [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-01-03 16:21:43 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-01-03 15:47:45 | 02,179,836 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\shoutcast-dsp-1-9-0-windows.exe [2010-01-03 12:12:27 | 00,000,071 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\listen.pls [2010-01-02 18:03:30 | 04,933,437 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ws.mp3 [2010-01-01 14:46:00 | 00,000,913 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gothic II Złota Edycja.lnk [2009-12-31 15:45:10 | 00,000,554 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk [2009-12-31 13:57:22 | 00,001,146 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Advanced Registry Doctor.lnk [2009-12-31 13:57:22 | 00,000,988 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Registry Toolkit.lnk [2009-12-26 23:18:43 | 00,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RealDownload.lnk [2009-12-26 23:14:25 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-12-25 16:23:38 | 00,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2009-12-25 16:10:49 | 00,000,724 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Gothic PL.lnk [2009-12-23 18:19:29 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hitman - Codename 47.lnk [2009-12-22 17:04:56 | 00,016,283 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\ePSXeCutor.reg [2009-12-17 18:35:06 | 00,019,296 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\bohema_tekst.xml [2009-12-17 18:35:05 | 04,457,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\bohema_melodia.ogg [2009-12-17 18:35:04 | 06,155,624 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\bohema_podklad.ogg [2009-12-17 18:30:55 | 00,033,482 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\swinia_tekst.xml [2009-12-17 18:30:54 | 05,660,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\swinia_melodia.ogg [2009-12-17 18:30:51 | 09,002,681 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\swinia_podklad.ogg [2009-12-17 18:30:15 | 00,022,647 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\aniola_tekst.xml [2009-12-17 18:30:14 | 04,231,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\aniola_melodia.ogg [2009-12-17 18:30:13 | 06,490,195 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\aniola_podklad.ogg [2009-12-15 19:17:09 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RunPOL.lnk [2009-12-15 18:40:00 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\folwark rozprawka.doc [2009-12-15 16:03:10 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rossmann Fotoswiat.lnk [2009-12-14 20:03:22 | 01,805,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\bal.doc [2009-12-13 16:26:09 | 00,002,829 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Dsj.pif [2009-12-11 20:32:30 | 00,064,974 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\transfer_new_091207_224432.pdf [2009-12-11 20:32:28 | 00,064,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\transfer_new_091207_224028.pdf [2009-12-09 22:14:45 | 00,029,684 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\dni_tekst.xml [2009-12-09 22:14:44 | 05,989,447 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\dni_melodia.ogg [2009-12-09 22:14:43 | 09,089,957 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\dni_podklad.ogg [2009-12-09 20:58:22 | 00,029,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\oczy_tekst.xml [2009-12-09 20:58:21 | 05,184,709 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\oczy_melodia.ogg [2009-12-09 20:58:19 | 08,549,801 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\oczy_podklad.ogg [2009-12-09 20:48:45 | 00,025,216 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\pokaz_tekst.xml [2009-12-09 20:48:44 | 05,889,967 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\pokaz_melodia.ogg [2009-12-09 20:48:43 | 08,223,926 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\pokaz_podklad.ogg [2009-12-09 20:44:59 | 00,018,130 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\ciemno_tekst.xml [2009-12-09 20:44:58 | 04,663,465 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\ciemno_melodia.ogg [2009-12-09 20:44:57 | 07,497,793 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\ciemno_podklad.ogg [2009-12-09 18:14:42 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mac606.sys [2009-12-09 18:14:40 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\Hidhlp.dll [2009-12-09 18:14:40 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\iFT32B2.dll [2009-12-07 21:04:40 | 00,000,871 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Uruchom Karaoke for Fun - Polski MuzykoPak 80.lnk [2009-12-07 20:52:19 | 01,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2009-12-07 20:52:19 | 01,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2009-12-07 20:52:19 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2009-12-07 20:52:19 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-11-02 11:27:56 | 00,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak [2009-11-02 11:27:56 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak [2009-11-02 11:27:55 | 00,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak [2009-09-26 11:20:32 | 00,003,452 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2009-09-26 11:20:32 | 00,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\3AFEACE4BD.sys [2009-09-25 13:39:00 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-09-25 13:39:00 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-08-11 18:58:40 | 00,000,316 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-08-11 18:55:10 | 00,003,011 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2009-07-25 09:23:30 | 00,058,341 | ---- | C] () -- C:\WINDOWS\System32\u_hjmressacdxwlzk.dll.exe [2009-07-06 18:51:00 | 00,058,743 | ---- | C] () -- C:\WINDOWS\System32\hjmressacdxwlzk.dll-uninst.exe [2009-07-06 14:41:32 | 00,001,459 | ---- | C] () -- C:\WINDOWS\kaillera.ini [2009-06-19 22:49:06 | 00,000,077 | ---- | C] () -- C:\WINDOWS\ZC DVD Creator Platinum.INI [2009-06-18 15:24:07 | 01,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll [2009-05-25 18:50:34 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2009-05-09 15:13:08 | 00,000,024 | ---- | C] () -- C:\WINDOWS\mgboss_reg.ini [2009-05-05 19:02:08 | 00,000,861 | ---- | C] () -- C:\WINDOWS\disney.ini [2009-04-28 16:11:04 | 00,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-04-26 14:16:27 | 00,000,651 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-04-20 14:37:18 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-04-18 20:21:29 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-04-15 20:05:51 | 00,000,983 | ---- | C] () -- C:\WINDOWS\wbocx.ini [2009-04-15 19:56:01 | 00,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-04-15 19:07:33 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [1998-06-09 23:00:00 | 00,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL ========== LOP Check ========== [2009-09-26 09:57:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems [2009-11-03 12:10:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Audacity [2009-11-11 11:57:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Azureus [2009-04-17 19:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Blender Foundation [2009-05-13 21:02:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Bullzip [2009-08-10 15:59:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ChomikBox [2009-10-29 22:13:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Cream Software [2009-04-18 20:28:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools [2009-05-02 20:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2009-10-03 09:28:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro [2009-08-21 14:16:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\dBpoweramp [2009-05-20 17:45:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Dealio [2010-01-01 21:59:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2009-04-15 20:42:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2009-11-25 16:22:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\LG Electronics [2009-11-22 09:03:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu [2009-10-19 20:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM [2009-05-12 13:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2009-05-16 21:46:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Poser 7 [2009-07-08 14:29:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Radmin [2009-05-20 17:45:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings [2009-05-16 16:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sierra [2010-01-01 21:21:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Software Informer [2009-10-07 09:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Teleca [2010-01-01 15:07:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\XnView [2009-11-11 11:47:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus [2009-04-18 20:28:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-25 14:26:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro [2009-11-15 03:45:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Findbasic [2009-12-31 15:44:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2009-11-03 02:58:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2009-10-19 21:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-01 19:04:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PreEmptive Solutions [2010-01-03 16:44:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar [2009-05-02 11:39:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-12-09 19:00:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-10-31 10:47:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru ========== Purity Check ========== ========== Custom Scans ========== < %systemdrive%\*.* > [2009-04-14 20:45:03 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-04-14 20:42:00 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 01:13:54 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-04-14 20:45:03 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-05-20 17:43:06 | 00,000,281 | ---- | M] () -- C:\debugInstaller.txt [2009-10-21 11:16:24 | 00,000,002 | ---- | M] () -- C:\example.txt [2009-04-14 20:45:03 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-04-14 20:45:03 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 23:38:34 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 23:59:54 | 00,250,624 | RHS- | M] () -- C:\ntldr [2010-01-03 13:20:43 | 85,563,8016 | -HS- | M] () -- C:\pagefile.sys < End of report > [/log] Pomoże ktoś?
Mateusz J. komentarz 15 stycznia 2010 komentarz 15 stycznia 2010 Uruchom OTL i w oknie Custom Scans/Fixes wklej[code] :OTL PRC - [2009-04-09 19:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe IE - HKU\S-1-5-21-343818398-746137067-682003330-500\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) [2009-05-20 17:11:31 | 00,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (no name) - {8037d0c6-58fe-6293-4a58-53ff50ee3ff1} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-343818398-746137067-682003330-500\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [] File not found O4 - HKU\.DEFAULT..\Run: [] File not found O4 - HKU\S-1-5-18..\Run: [] File not found O4 - HKU\S-1-5-21-343818398-746137067-682003330-500..\Run: [fsm] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found F3 - HKU\S-1-5-21-343818398-746137067-682003330-500 WinNT: Load - (C:\WINDOWS\svchost.exe) - C:\WINDOWS\svchost.exe File not found O9 - Extra Button: WebCloner - {ADFCCE65-DF10-46fd-B04A-53CCBE2A0795} - D:\Program Files\ProductsFoundry\WebCloner Standard 2.7\webcloner.exe File not found :Files C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings C:\Program Files\Search Settings C:\Documents and Settings\Administrator\Dane aplikacji\Dealio C:\Program Files\Dealio Toolbar C:\Program Files\AskBarDis :Commands [emptytemp] [Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera. Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli. Pokaż drugi plik Extract z OTL, który się utworzył. Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753 Raport na forum.
Zabxjca komentarz 16 stycznia 2010 Autor komentarz 16 stycznia 2010 Log z Extract OTL: [log]All processes killed ========== OTL ========== No active process named SearchSettings.exe was found! Registry value HKEY_USERS\S-1-5-21-343818398-746137067-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully. File C:\Program Files\Search Settings\kb128\SearchSettings.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found. File C:\Program Files\Search Settings\kb128\SearchSettings.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully. C:\Program Files\Search Settings\SearchSettings.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully. File C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll not found. Folder C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found. File C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8037d0c6-58fe-6293-4a58-53ff50ee3ff1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8037d0c6-58fe-6293-4a58-53ff50ee3ff1}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully. File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found. Registry value HKEY_USERS\S-1-5-21-343818398-746137067-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found. File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ not found. Registry value HKEY_USERS\S-1-5-21-343818398-746137067-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-21-343818398-746137067-682003330-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\WINDOWS\svchost.exe deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{ADFCCE65-DF10-46fd-B04A-53CCBE2A0795}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADFCCE65-DF10-46fd-B04A-53CCBE2A0795}\ not found. ========== FILES ========== File\Folder C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings not found. C:\Program Files\Search Settings\temp folder moved successfully. C:\Program Files\Search Settings\res folder moved successfully. C:\Program Files\Search Settings\FF\components folder moved successfully. C:\Program Files\Search Settings\FF\chrome\skin folder moved successfully. C:\Program Files\Search Settings\FF\chrome\locale\en-US folder moved successfully. C:\Program Files\Search Settings\FF\chrome\locale folder moved successfully. C:\Program Files\Search Settings\FF\chrome\content folder moved successfully. C:\Program Files\Search Settings\FF\chrome folder moved successfully. C:\Program Files\Search Settings\FF folder moved successfully. C:\Program Files\Search Settings folder moved successfully. File\Folder C:\Documents and Settings\Administrator\Dane aplikacji\Dealio not found. C:\Program Files\Dealio Toolbar\Res folder moved successfully. C:\Program Files\Dealio Toolbar\IE\4.0.2 folder moved successfully. C:\Program Files\Dealio Toolbar\IE folder moved successfully. C:\Program Files\Dealio Toolbar\FF\components folder moved successfully. C:\Program Files\Dealio Toolbar\FF\chrome\skin folder moved successfully. C:\Program Files\Dealio Toolbar\FF\chrome\locale\EN-US folder moved successfully. C:\Program Files\Dealio Toolbar\FF\chrome\locale folder moved successfully. C:\Program Files\Dealio Toolbar\FF\chrome\content folder moved successfully. C:\Program Files\Dealio Toolbar\FF\chrome folder moved successfully. C:\Program Files\Dealio Toolbar\FF folder moved successfully. C:\Program Files\Dealio Toolbar folder moved successfully. C:\Program Files\AskBarDis\bar\Settings folder moved successfully. C:\Program Files\AskBarDis\bar\History folder moved successfully. C:\Program Files\AskBarDis\bar\Cache folder moved successfully. C:\Program Files\AskBarDis\bar\bin folder moved successfully. C:\Program Files\AskBarDis\bar folder moved successfully. C:\Program Files\AskBarDis folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 544618033 bytes ->Temporary Internet Files folder emptied: 13407013 bytes ->Java cache emptied: 26566226 bytes ->FireFox cache emptied: 72118798 bytes ->Opera cache emptied: 55144840 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 1089302 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114584 bytes %systemroot%\System32 .tmp files removed: 885796 bytes Windows Temp folder emptied: 636366718 bytes RecycleBin emptied: 197368 bytes Total Files Cleaned = 1 290,00 mb OTL by OldTimer - Version 3.1.21.0 log created on 01162010_190108 Files\Folders moved on Reboot... C:\WINDOWS\temp\Perflib_Perfdata_4e4.dat moved successfully. Registry entries deleted on Reboot... [/log]
Ania Łapińska komentarz 16 stycznia 2010 komentarz 16 stycznia 2010 Gdzie nowy log ze skanowania? [center][/center]
Zabxjca komentarz 17 stycznia 2010 Autor komentarz 17 stycznia 2010 Aj... Tu są logi z Malwarebytes: [log]Malwarebytes' Anti-Malware 1.44 Wersja bazy definicji: 3576 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 7.0.5730.11 2010-01-17 08:59:06 mbam-log-2010-01-17 (08-58-51).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 298044 Upłynęło: 6 hour(s), 5 minute(s), 44 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 27 Zainfekowane wartości rejestru: 1 Zainfekowane pliki rejestru: 3 Zainfekowane foldery: 0 Zainfekowane pliki: 8 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\gnucdna.core (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\TypeLib\{2850bdc7-2330-4e31-9fa0-88268846539a} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{0be385a3-85a5-4722-b677-68dae891ff21} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{272c0d60-0561-4c83-b3db-eb0a71f9d2eb} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{284477e4-a7cb-4055-9e1b-0ea7cba28945} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{70ca4938-6a0f-4641-a9a9-c936e4c1e7de} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{7468213e-010e-4ec6-a17d-642e909ba7ec} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{89dc33a2-f86f-42a1-8b5f-d4d1943efc9c} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{a916af3c-976d-4358-8736-95bea0b5fd2c} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{b86f4810-19a9-4050-9ac9-b5cf60b5799a} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{bb5b7e14-f8b4-4365-a24d-f4965c33e1ee} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{be45f056-e005-437b-be88-23acf70b0b6a} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{c13d4627-02f5-4b03-897a-bf6a90022dd2} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{c636f1fc-6ae4-4e6a-90ab-6d61d821a0dd} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{cb971ac0-6408-40da-a540-92f9f256f51f} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{d5694dfe-43b6-4e05-aa29-8c556c968973} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{e2032ec2-a9ac-4ed7-9bdb-ebecacf076f2} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{ebab4a71-8c34-461a-b57d-dd041d439555} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{f06fea43-0cc3-4bf6-a85b-5efb1c07aa4b} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\Interface\{fc94a0f7-9c7c-4ae2-9106-5c212332b209} (Adware.WhenU) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{f02c0ae1-d796-42c9-81e1-084d88f79b8e} (Adware.WhenU) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\576303e6-ebd8-fac1-6d26-2913d6d235c1 (Adware.AdRotator) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ltpqrzduesbad (Adware.AdRotator) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ae71fe7-6e9d-a330-aff8-1a8a82396c34} (Adware.AdRotator) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ceb284bd-fe09-111e-beaa-fb012152536f} (Adware.AdRotator) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{ceb284bd-fe09-111e-beaa-fb012152536f} (Adware.AdRotator) -> No action taken. Zainfekowane wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vsxasqrftosolq (Trojan.Agent) -> No action taken. Zainfekowane pliki rejestru: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken. Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: C:\WINDOWS\system32\GnucDNA.dll (Adware.WhenU) -> No action taken. C:\WINDOWS\system32\576303e6-ebd8-fac1-6d26-2913d6d235c1.exe (Adware.AdRotator) -> No action taken. C:\WINDOWS\system32\ltpqrzduesbad.exe (Adware.AdRotator) -> No action taken. C:\WINDOWS\system32\u_hjmressacdxwlzk.dll.exe (Adware.AdRotator) -> No action taken. D:\Program Files\Advanced Registry Doctor\RdvChk.exe (Spyware.OnlineGames) -> No action taken. D:\Program Files\Image-Line\FL Studio 8\fruityloops.studio.producer.edition.xxl.v8.0.0-NoPE.exe (Trojan.Downloader) -> No action taken. C:\WINDOWS\system32\hjmressacdxwlzk.dll-uninst.exe (Adware.AdRotator) -> No action taken. C:\Program Files\Mozilla Firefox\components\hjmressacdxwlzk.dll (Adware.AdRotator) -> No action taken. [/log]
Ania Łapińska komentarz 17 stycznia 2010 komentarz 17 stycznia 2010 Usuń to co znalazł MBAM i powinno być OK. [center][/center]
Ania Łapińska komentarz 20 stycznia 2010 komentarz 20 stycznia 2010 Daj log z ComboFixa. [center][/center]
Mateusz J. komentarz 10 lutego 2010 komentarz 10 lutego 2010 ComboFix to inne narzędzie: http://www.forumpc.pl/index.php?showtopic=120614
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.