ice12 utworzono 17 marca 2010 utworzono 17 marca 2010 Witam, wczoraj było wszystko elegencko, lecz dzisiaj właczam kompa i zauważam, że pasek autostartu się zawiesza. Wszystko na pulpicie działa (programy, all) Pasek muli ok. 5/7 min potem wszystko wraca do normy. Działa wszystko. Wiecie jak temu zapobiec ?
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
ice12 komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Log z OTL: [log]OTL logfile created on: 2010-03-17 19:24:49 - Run 1 OTL by OldTimer - Version 3.1.37.2 Folder = C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 147,00 Mb Available Physical Memory | 29,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 32,35 Gb Free Space | 43,41% Space Free | Partition Type: NTFS Drive D: | 389,93 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OEM Current User Name: Admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-03-17 19:23:21 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-03-11 23:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-02-27 12:24:33 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe PRC - [2010-02-18 17:26:27 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-12-31 11:57:25 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-24 18:41:55 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-04-24 18:41:55 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-04-02 11:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe PRC - [2009-04-02 11:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe PRC - [2009-03-02 19:30:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 13:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe PRC - [2008-04-15 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 13:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-15 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2006-11-17 05:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006-05-03 17:43:46 | 000,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-04-05 13:08:48 | 000,151,552 | ---- | M] (Panda Software) -- C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\Pavfires.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-03-17 19:23:21 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie\OTL.exe MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-03 20:58:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-15 13:00:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 13:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 13:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 13:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 13:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 13:00:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-15 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 13:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 13:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 13:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 13:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 13:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 13:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-15 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2003-09-04 18:05:00 | 000,077,824 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\SSSensor.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-12-31 11:57:25 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2009-12-31 11:57:21 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009-04-27 14:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2009-04-02 11:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (askupgrade) SRV - [2009-04-02 11:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (askservice) SRV - [2009-02-19 13:51:55 | 000,021,476 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Panda Software\Panda Antivirus Platinum\PAVSRV.CFG -- (PAVSRV) SRV - [2004-04-05 13:08:48 | 000,151,552 | ---- | M] (Panda Software) [Auto | Running] -- C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\Pavfires.exe -- (PAVFIRES) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Disabled | Running] -- -- (epfwtdir) DRV - File not found [Kernel | Disabled | Running] -- -- (ehdrv) DRV - File not found [File_System | Disabled | Running] -- -- (eamon) DRV - [2009-10-23 17:40:59 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (staropen) DRV - [2009-05-08 16:09:04 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-04-15 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-15 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2008-04-15 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2007-03-08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2006-05-03 17:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2003-10-03 16:17:06 | 000,060,160 | ---- | M] (Panda Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\Drivers\pavdrv51.sys -- (PAVDRV) DRV - [2003-09-04 18:05:00 | 000,055,888 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys -- (Teefer) DRV - [2003-09-04 18:05:00 | 000,018,515 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt) DRV - [2003-09-04 18:05:00 | 000,011,914 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys -- (wg3n) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-448539723-602162358-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-448539723-602162358-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Ask" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 0 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=" FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010-03-06 11:33:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-07 11:27:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-09 17:47:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-06-25 18:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions [2010-03-16 16:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions [2010-03-06 16:55:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009-12-04 16:04:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2009-12-04 16:04:36 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}(2) [2010-01-09 13:04:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-02-18 20:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\extensions\firefox@tvunetworks.com [2009-10-01 19:28:52 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\0cs308s5.default\searchplugins\ask.xml [2010-03-17 19:20:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-07-17 09:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2006-11-16 01:49:56 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll [2009-08-15 20:16:55 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-15 20:16:55 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-15 20:16:55 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-15 20:16:55 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-15 20:16:56 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-15 20:16:56 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-02-18 20:31:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Skype add-on (mastermind)) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe (Panda Software) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-448539723-602162358-1606980848-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-21-448539723-602162358-1606980848-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [ARCABIT_UNINSTALL] c:\temp\avfix.exe (ArcaBit) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067a26b-1337-4436-8afe-ee169c2da79f} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234883573262 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223 (Java Plug-in 1.6.0_13) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-02-17 13:49:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-10-15 12:22:12 | 000,000,182 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{d29240dd-fcf6-11dd-9dee-806d6172696f}\Shell\ArcaVirMenu\command - "" = D:\ArcaVirMenu.exe -- [2009-10-22 10:43:29 | 000,748,112 | R--- | M] (ArcaBit) O33 - MountPoints2\{d29240dd-fcf6-11dd-9dee-806d6172696f}\Shell\AutoRun\command - "" = D:\ArcaVirMenu.exe -- [2009-10-22 10:43:29 | 000,748,112 | R--- | M] (ArcaBit) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-02-17 13:49:00 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Admin^Menu Start^Programy^Autostart^OpenOffice.org 2.0.2.lnk - C:\Program Files\OpenOffice.org 2.0.2\program\quickstart.exe - () MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe - (McAfee, Inc.) MsConfig - StartUpReg: [b]APVXDWIN[/b] - hkey= - key= - C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE (Panda Software International) MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NBJ[/b] - hkey= - key= - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]RaidTool[/b] - hkey= - key= - C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies) MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: ip6fw.sys - Driver SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdpwd.sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: tdpipe.sys - Driver SafeBootNet: tdtcp.sys - Driver SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-03-17 19:18:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\A6448DEA02A34BDEA2C39C431ABCF2D2.TMP [2010-03-17 19:03:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-03-17 17:57:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-03-17 17:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\ESET [2010-03-17 15:23:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent [2010-03-17 15:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-03-17 15:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-16 21:31:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-03-16 21:31:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-03-16 21:31:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-03-16 21:31:34 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-03-16 21:30:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-03-16 21:10:34 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-03-16 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2010-03-15 22:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Enterprise System Information [2010-03-15 21:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-03-14 19:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Malwarebytes [2010-03-14 19:35:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-14 19:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-03-14 19:35:22 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-14 19:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-03-14 18:50:46 | 000,085,713 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys [2010-03-14 14:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-03-14 14:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-03-12 21:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-12 21:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10 [2010-03-12 21:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-03-09 17:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-03-09 17:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-03-06 16:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\TVU Networks [2010-02-23 16:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-02-20 19:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Moyea [2010-02-20 16:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle [2010-02-20 14:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast [2010-02-18 20:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TVU Networks [2010-02-18 20:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\TVU Networks [2010-02-18 20:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\LocalLow [2010-02-18 20:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\LocalLow [2010-02-18 20:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\TVUPlayer [2010-02-18 20:28:45 | 000,000,000 | ---D | C] -- C:\ppmaterecord [2010-02-18 20:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\PPMate [2010-02-18 20:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Synacast [2010-02-18 20:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\PPMate [2010-02-17 16:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2010-02-17 16:20:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\SecuROM [2010-02-11 20:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\FIFA 07 [2010-02-11 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\EA SPORTS [2010-02-09 17:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\PhotoFiltre [2010-01-29 10:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\IDM [2010-01-29 10:32:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\DMCache [2010-01-29 10:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-01-19 11:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Gif Animator Extension [2010-01-19 11:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Easy GIF Animator [2009-11-20 16:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-02-27 12:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2009-02-27 08:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2009-02-17 13:52:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-02-17 13:52:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-02-17 13:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-03-17 19:00:20 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja 1 kliknięciem.job [2010-03-17 18:59:48 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Konfiguracja.lnk [2010-03-17 18:59:48 | 000,000,163 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\neostrada tp.url [2010-03-17 18:44:08 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-03-17 18:44:07 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-17 18:44:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-17 18:44:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-17 18:44:01 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2010-03-17 18:43:01 | 017,039,360 | ---- | M] () -- C:\Documents and Settings\Admin\ntuser.dat [2010-03-17 18:43:01 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini [2010-03-17 18:35:31 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-03-17 17:24:55 | 000,000,254 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-17 14:58:54 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-03-16 21:57:46 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini [2010-03-16 20:47:24 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2010-03-16 19:27:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-03-16 17:14:43 | 000,030,011 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\gmer.bat [2010-03-15 22:04:32 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\AIDA32.lnk [2010-03-15 21:54:21 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk [2010-03-14 21:16:47 | 006,234,482 | ---- | M] () -- C:\WINDOWS\System32\LFDBD [2010-03-14 20:26:19 | 016,662,528 | ---- | M] () -- C:\WINDOWS\System32\ENDELZRCVHGI [2010-03-14 19:35:32 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-14 18:51:57 | 000,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini [2010-03-14 18:50:46 | 000,085,713 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys [2010-03-14 18:50:45 | 000,819,200 | ---- | M] () -- C:\WINDOWS\gmer.dll [2010-03-14 18:50:45 | 000,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd [2010-03-14 15:38:16 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\CCleaner.lnk [2010-03-13 18:22:12 | 002,107,264 | -H-- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-12 21:16:29 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-03-12 21:16:29 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-03-10 15:08:03 | 000,205,712 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-09 17:51:26 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010-03-09 17:49:04 | 000,000,653 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-06 18:03:04 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Admin\PUTTY.RND [2010-03-06 16:28:40 | 000,017,424 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-02-28 17:24:04 | 000,050,917 | ---- | M] () -- C:\Documents and Settings\Admin\.recently-used.xbel [2010-02-23 16:12:33 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk [2010-02-21 20:51:49 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-17 16:20:37 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2010-01-23 18:14:05 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\Mój komputer.lnk [2010-01-21 17:53:09 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2010-01-21 17:40:17 | 000,000,211 | -HS- | M] () -- C:\boot.ini [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-17 18:59:48 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Konfiguracja.lnk [2010-03-17 18:59:48 | 000,000,163 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\neostrada tp.url [2010-03-16 21:57:46 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2010-03-16 21:31:35 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-03-16 21:31:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-03-16 21:31:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-03-16 21:31:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-03-16 21:31:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-03-16 20:47:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini [2010-03-16 18:10:06 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2010-03-16 17:02:56 | 000,030,011 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\gmer.bat [2010-03-15 22:04:32 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\AIDA32.lnk [2010-03-15 22:04:04 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\gmer.exe [2010-03-15 21:54:20 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk [2010-03-14 20:52:43 | 006,234,482 | ---- | C] () -- C:\WINDOWS\System32\LFDBD [2010-03-14 20:22:51 | 016,662,528 | ---- | C] () -- C:\WINDOWS\System32\ENDELZRCVHGI [2010-03-14 19:35:31 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-14 18:51:01 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini [2010-03-14 18:50:45 | 000,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd [2010-03-14 18:50:44 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll [2010-03-14 18:50:43 | 000,757,760 | ---- | C] () -- C:\WINDOWS\gmer.exe [2010-03-14 15:38:16 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\CCleaner.lnk [2010-03-14 13:27:39 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\rbuwzv.dat [2010-03-12 21:16:29 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-03-12 21:16:29 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-03-09 17:51:24 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-03-06 16:36:15 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Admin\PUTTY.RND [2010-02-28 17:24:04 | 000,050,917 | ---- | C] () -- C:\Documents and Settings\Admin\.recently-used.xbel [2010-02-23 16:12:33 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk [2010-01-23 18:14:05 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Mój komputer.lnk [2010-01-21 17:53:09 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2010-01-19 10:13:29 | 017,039,360 | ---- | C] () -- C:\Documents and Settings\Admin\ntuser.dat [2009-10-23 17:43:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-10-23 17:27:36 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-07-10 15:50:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\adf153e1.sys [2009-07-06 15:22:31 | 142,415,424 | ---- | C] () -- C:\Program Files\Encoded_audio_1.mp2 [2009-07-06 15:22:30 | 000,001,261 | ---- | C] () -- C:\Program Files\Encoded_audio_1.log [2009-07-06 15:22:18 | 000,000,002 | ---- | C] () -- C:\Program Files\MADPlay_log.txt [2009-07-06 15:18:49 | 1139,323,436 | ---- | C] () -- C:\Program Files\Encoded_audio_1.mp2.wav [2009-07-06 15:18:06 | 095,095,800 | ---- | C] () -- C:\Program Files\Extracted_audio_1.mpa [2009-07-06 15:18:03 | 000,005,599 | ---- | C] () -- C:\Program Files\DVD.INI [2009-07-06 15:18:03 | 000,002,832 | ---- | C] () -- C:\Program Files\dvd2svcd project file.d2s [2009-07-06 15:18:03 | 000,002,767 | ---- | C] () -- C:\Program Files\DVD2SVCD.INI [2009-07-06 15:18:03 | 000,000,810 | ---- | C] () -- C:\Program Files\AVISYNTH.INI [2009-07-06 15:18:03 | 000,000,012 | ---- | C] () -- C:\Program Files\dvd2svcd chapters file.ini [2009-06-12 10:26:09 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-05-19 19:04:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll [2009-05-17 18:39:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll [2009-05-08 15:56:55 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-04-24 16:59:40 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Grappler.ini [2009-04-24 16:59:01 | 000,012,800 | ---- | C] () -- C:\WINDOWS\ioctrl.dll [2009-04-18 13:05:00 | 000,000,612 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2009-04-18 13:04:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009-03-28 16:51:04 | 000,000,772 | ---- | C] () -- C:\WINDOWS\wordpad.ini [2009-03-06 18:40:38 | 000,002,408 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-02-27 22:06:06 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-27 08:26:19 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-02-17 16:08:29 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe [2009-02-17 16:03:22 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-02-17 16:03:20 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-02-17 16:03:20 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-02-17 16:03:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-02-17 16:03:18 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-02-17 16:03:18 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-02-17 16:00:40 | 000,007,751 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2009-02-17 14:57:02 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2007-05-18 02:39:54 | 009,854,976 | ---- | C] () -- C:\WINDOWS\System32\atioglx2.dll [2007-05-18 02:14:21 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\atiok3x2.dll [2004-01-09 16:47:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2000-07-22 15:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll [color=#E56717]========== LOP Check ==========[/color] [2009-12-05 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\.BitTornado [2010-03-08 21:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Any Video Converter [2009-10-01 14:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Azureus [2009-10-01 13:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\BitTorrent [2009-05-08 16:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DAEMON Tools Lite [2010-01-29 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DMCache [2009-07-07 10:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\FinalBurner Video DVD [2009-04-17 18:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu [2010-03-13 14:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10 [2009-05-17 18:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\GetRightToGo [2010-02-28 17:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\gtk-2.0 [2010-01-29 10:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\IDM [2009-05-08 16:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Leadertech [2010-02-20 19:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Moyea [2009-03-28 16:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\NCH Swift Sound [2009-12-20 10:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Nowe Gadu-Gadu [2009-07-17 08:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenFM [2010-02-09 17:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\PhotoFiltre [2010-02-18 20:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\PPMate [2009-03-07 17:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Recordpad [2009-12-31 12:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\runic games [2009-10-25 20:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Samsung [2009-12-31 11:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\TuneUp Software [2010-01-12 20:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\VSO [2009-02-21 10:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus [2009-05-08 16:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-03-17 15:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-12-31 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fighters [2010-03-12 21:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2009-03-09 22:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound [2010-03-13 14:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-02-19 17:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-01-14 16:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-07-19 19:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-12-31 11:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2009-04-17 09:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VideoMach [2010-01-15 17:09:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{2A082487-0FFF-4FD5-BE3C-DE59C1ECC4E0} [2009-12-31 11:54:24 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} [2010-03-17 19:00:20 | 000,000,530 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja 1 kliknięciem.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-02-17 13:49:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-02-17 13:44:09 | 000,000,211 | -HS- | M] () -- C:\BOOT.BKK [2010-01-21 17:40:17 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2008-04-15 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-10-23 18:39:57 | 000,000,074 | ---- | M] () -- C:\CMLoader.log [2010-03-17 17:27:42 | 000,021,009 | ---- | M] () -- C:\ComboFix.txt [2009-02-17 13:49:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-02-19 15:12:12 | 000,000,277 | ---- | M] () -- C:\debugInstaller.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007-11-07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007-11-07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007-11-07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2010-03-17 18:44:01 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2007-11-07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007-11-07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007-11-07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007-11-07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007-11-07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007-11-07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007-11-07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007-11-07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2009-02-17 13:49:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-02-17 13:49:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 13:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-03-17 18:44:00 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [2009-03-22 21:01:14 | 000,086,976 | ---- | M] () -- C:\R0322__21_00_59.mp3 [2009-03-22 21:01:48 | 000,245,376 | ---- | M] () -- C:\R0322__21_01_31.mp3 [2009-03-28 16:41:41 | 000,200,160 | ---- | M] () -- C:\R0328__16_41_35.mp3 [2009-03-28 16:41:51 | 000,200,160 | ---- | M] () -- C:\R0328__16_41_45.mp3 [2009-03-28 16:42:28 | 000,265,404 | ---- | M] () -- C:\R0328__16_42_21.mp3 [2009-03-28 16:43:07 | 000,241,371 | ---- | M] () -- C:\R0328__16_43_01.mp3 [2010-03-17 18:59:50 | 000,000,159 | ---- | M] () -- C:\Setup.log [2006-04-17 21:49:54 | 345,666,499 | ---- | M] () -- C:\Star Wars Battlefront 2.exe [2007-11-07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007-11-07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007-11-07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 514 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log]
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [quote]:Processes explorer.exe :OTL FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Ask" O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-448539723-602162358-1606980848-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\RunOnce: [ARCABIT_UNINSTALL] c:\temp\avfix.exe (ArcaBit) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.) O32 - AutoRun File - [2009-10-15 12:22:12 | 000,000,182 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{d29240dd-fcf6-11dd-9dee-806d6172696f}\Shell\ArcaVirMenu\command - "" = D:\ArcaVirMenu.exe -- [2009-10-22 10:43:29 | 000,748,112 | R--- | M] (ArcaBit) O33 - MountPoints2\{d29240dd-fcf6-11dd-9dee-806d6172696f}\Shell\AutoRun\command - "" = D:\ArcaVirMenu.exe -- [2009-10-22 10:43:29 | 000,748,112 | R--- | M] (ArcaBit) :Files C:\Program Files\AskBarDis c:\temp\avfix.exe :Commands [emptytemp] [start explorer] [Reboot][/quote] Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
ice12 komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Z malware: [log]Malwarebytes' Anti-Malware 1.44 Wersja bazy definicji: 3510 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 6.0.2900.5512 2010-03-17 21:04:27 mbam-log-2010-03-17 (21-04-27).txt Typ skanowania: Pełne skanowanie (C:\|) Przeskanowane obiekty: 190409 Upłynęło: 1 hour(s), 4 minute(s), 8 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 0 Zainfekowane wartości rejestru: 0 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 3 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: (Nie wykryto groźnych plików) Zainfekowane wartości rejestru: (Nie wykryto groźnych plików) Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: C:\System Volume Information\_restore{259D02DF-91E8-4674-9B74-80F258E5473E}\RP379\A0177947.sys (Malware.Trace) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{259D02DF-91E8-4674-9B74-80F258E5473E}\RP381\A0179270.sys (Malware.Trace) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{259D02DF-91E8-4674-9B74-80F258E5473E}\RP381\A0179909.sys (Malware.Trace) -> Quarantined and deleted successfully. [/log]
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Wykonaj: http://support.microsoft.com/kb/310405/pl + Uruchom OTL i kliknij CleanUP. Czysto. Dodatkowo wykonaj optymalizację: http://www.forumpc.pl/index.php?showtopic=17478 i napisz czy komputer działa lepiej.
ice12 komentarz 18 marca 2010 Autor komentarz 18 marca 2010 Zrobiłem to wszystko i komp trochę szybciej chodzi, lecz pasek dalej na poczatku sie zawiesza ok. 5min.
Psycholandia komentarz 18 marca 2010 komentarz 18 marca 2010 Uruchom OTL i klik CleanUP. Jeśli chodzi o wirusy jest czysto. Zainstaluj tą poprawkę: http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en
ice12 komentarz 18 marca 2010 Autor komentarz 18 marca 2010 To co może być przyczyną tego ? Jeśli nie wirusy? które sa czyste.
Psycholandia komentarz 18 marca 2010 komentarz 18 marca 2010 Słaby zasilacz, przegrzewający się sprzęt, zaśmiecony Windows..
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.