dinolord456 created 20 March 2010
Hello, my problem is that every time I start the computer the following message is displayed: System Windows-Brak dysku Exception Processing Message c0000013 Parameters 75b3bf7c 4 75b3bf7c 75b3bf7c
Despite numerous attempts to cancel or continue, this message will not go away.
1) Something is blocking the AVG antivirus; specifically, I cannot run a scan, update it, or even start the program.
2) The antivirus constantly detects threats and is unable to remove them.
3) I cannot open Task Manager; this message pops up (menedżer zadań zostal wyłączony przez administratora), but there are no other users on the computer.
I have no idea what is going on. Is it something serious? Please help quickly. PS: I am clueless when it comes to computers.
Psycholandia comment 20 March 2010
Post a log from OTL: http://www.forumpc.pl/index.php?showtopic=104338
dinolord456 (Author) comment 20 March 2010
Here is what I got:
[log]OTL logfile created on: 2010-03-20 07:47:32 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Home XP\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,07 Gb Total Space | 15,87 Gb Free Space | 40,62% Space Free | Partition Type: NTFS Drive D: | 193,82 Gb Total Space | 67,62 Gb Free Space | 34,89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XP Current User Name: Home XP Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-03-20 07:45:40 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home XP\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-03-14 10:15:20 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010-03-14 10:15:17 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010-03-14 10:15:16 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010-03-14 10:15:13 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010-03-14 10:14:43 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe PRC - [2010-03-14 10:14:43 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010-03-14 10:14:42 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010-02-18 00:15:31 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2010-01-08 01:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Dealio Toolbar\SearchSettings.exe PRC - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2009-12-30 03:35:15 | 000,198,160 | ---- | M] (RealNetworks, Inc.) 
-- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 13:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmine.exe PRC - [2008-04-15 13:00:00 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe PRC - [2008-04-15 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-15 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) 
-- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2007-11-26 14:54:22 | 001,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe PRC - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe PRC - [2007-11-26 14:54:02 | 001,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe PRC - [2007-10-18 15:32:42 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2007-10-18 15:27:50 | 000,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2007-07-12 10:03:40 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\GamerOSD\GamerOSD.exe PRC - [2007-06-28 17:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2007-05-14 03:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 07:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) 
-- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-03-20 07:45:40 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home XP\Moje dokumenty\Pobieranie\OTL.exe MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-15 13:00:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 13:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 13:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 13:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 13:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 13:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 13:00:00 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2008-04-15 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 13:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-15 13:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 13:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 13:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-15 13:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 13:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 13:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-15 13:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 13:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-15 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 13:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2008-04-15 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) 
==========[/color] SRV - [2010-03-14 10:15:13 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2010-03-14 10:14:43 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2009-04-06 16:35:00 | 002,743,325 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2007-07-12 16:30:42 | 000,257,024 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-03-14 10:15:18 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010-03-14 10:15:17 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-03-14 10:14:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-03-11 02:50:46 | 000,025,280 | ---- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-12-17 22:46:29 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-04-15 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-11-26 14:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm) DRV - [2007-11-26 14:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007-11-26 14:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs) DRV - [2007-07-12 10:03:42 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2007-07-12 10:03:40 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2007-07-12 10:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2007-07-12 10:03:38 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2007-06-28 17:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-07-27 02:49:10 | 000,083,712 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2003-09-06 14:37:22 | 000,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2003-09-06 13:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-09-06 13:25:52 | 000,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2003-09-06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/ IE - 
HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaultthis.engineName: "2Shared Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2447621&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "http://google.pl/" FF - prefs.js..extensions.enabledItems: {ef468e5b-5b30-4136-a833-7f2e3a31afdf}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783 FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005 FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2 FF - prefs.js..extensions.enabledItems: npnami@npnami.com:1.3 FF - prefs.js..extensions.enabledItems: 
{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.19 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=" FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-03-14 23:48:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010-02-06 19:21:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-08 11:57:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-14 23:49:07 | 000,000,000 | ---D | M] [2009-11-04 14:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Extensions [2010-03-20 02:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions [2009-11-09 03:37:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-15 01:44:14 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2010-01-26 20:42:31 | 000,000,000 | ---D | M] (2Shared Toolbar) -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf} [2010-02-11 21:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane 
aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\npnami@npnami.com [2010-01-20 12:15:54 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\searchplugins\conduit.xml [2010-03-15 01:44:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-10-16 19:45:02 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-10-16 19:45:02 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-10-16 19:45:02 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-10-16 19:45:02 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-10-16 19:45:02 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-10-16 19:45:02 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) 
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) 
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [l33t] C:\WINDOWS\system\iexplore.exe File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) 
O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O4 - Startup: C:\Documents and Settings\Home XP\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - 
HKU\S-1-5-21-1935655697-413027322-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\PrxerNsp.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software) O15 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..Trusted Domains: internet ([]about in Lokalny intranet) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.48.127.4 194.204.159.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-11-03 16:09:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-03 16:53:37 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-03-19 03:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010-03-16 16:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2010-03-15 05:02:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\InstallShield [2010-03-14 16:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2010-03-14 16:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2010-03-14 16:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2010-03-14 16:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NOS [2010-03-14 10:15:17 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) 
-- C:\WINDOWS\System32\avgrsstx.dll [2010-03-13 23:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google [2010-03-13 20:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Moje dokumenty\JustCause [2010-03-13 20:03:48 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2010-03-13 20:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield [2010-03-13 15:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\uTorrent [2010-03-13 15:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010-03-11 02:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\Hamachi [2010-03-10 00:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\VALVe [2010-03-09 13:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\Games [2010-03-09 06:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\The Creative Assembly [2010-03-08 00:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\WINDOWS [2010-03-03 09:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-23 09:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero [2010-02-23 09:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2010-02-23 09:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\Help [2010-02-23 09:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\Help [2010-02-23 09:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-02-23 09:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe [2010-02-13 01:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010-02-12 23:03:46 | 000,000,000 | ---D | 
C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winferno [2010-02-12 23:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\Winferno [2010-02-06 20:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\AVG Security Toolbar [2010-02-06 19:22:12 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-02-06 19:21:59 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-02-06 19:21:54 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-02-06 19:21:53 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010-02-06 19:21:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2010-02-06 19:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-02-06 19:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-02-06 19:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010-02-06 19:20:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-02-06 19:20:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-02-06 19:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-06 19:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-03 18:48:44 | 000,073,728 | ---- | C] (Initex Software) -- C:\WINDOWS\System32\PrxerDrv.dll [2010-02-03 18:48:44 | 000,061,440 | ---- | C] (Initex Software) -- C:\WINDOWS\System32\PrxerNsp.dll [2010-02-01 22:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\Search Settings [2010-02-01 22:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane 
aplikacji\Dealio [2010-02-01 22:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2010-01-26 18:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home XP\Dane aplikacji\skypePM [2010-01-23 00:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\metin2pl [2010-01-22 18:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2009-12-30 03:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-03-20 07:49:27 | 001,626,112 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe [2010-03-20 07:48:09 | 001,626,112 | ---- | M] () -- C:\WINDOWS\System32\2d860fed-55c6-49cd-a543-6e8cc3181b3f [2010-03-20 07:05:27 | 007,864,320 | ---- | M] () -- C:\Documents and Settings\Home XP\NTUSER.DAT [2010-03-20 07:04:57 | 057,396,646 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-03-20 06:29:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job [2010-03-20 06:29:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-20 06:29:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-20 06:19:44 | 004,313,946 | -H-- | M] () -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-20 05:05:09 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-20 04:37:09 | 000,000,269 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-20 03:10:44 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{531C4D1C-BA08-44B5-B38F-487F5D106819}.job [2010-03-19 12:36:15 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2010-03-19 03:08:27 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed II.lnk [2010-03-16 16:35:31 | 000,001,611 | ---- | 
M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-03-15 19:01:49 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-15 09:52:21 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2010-03-15 05:10:15 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed.lnk [2010-03-15 01:44:13 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk [2010-03-14 23:53:30 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\Home XP\Pulpit\Need For Speed Most Wanted.lnk [2010-03-14 10:15:18 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-03-14 10:15:17 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010-03-14 10:15:17 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010-03-14 10:14:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-03-13 20:03:48 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2010-03-13 15:46:13 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Home XP\Pulpit\µTorrent.lnk [2010-03-11 02:50:46 | 000,025,280 | ---- | M] (LogMeIn, Inc.) 
-- C:\WINDOWS\System32\drivers\hamachi.sys [2010-03-10 20:48:04 | 000,000,854 | ---- | M] () -- C:\Documents and Settings\Home XP\Pulpit\Mystery Age The Imperial Staff.lnk [2010-03-10 00:59:39 | 000,001,764 | ---- | M] () -- C:\Documents and Settings\Home XP\Pulpit\Counter-Strike Source.lnk [2010-03-09 15:27:43 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Home XP\ntuser.ini [2010-03-08 19:17:08 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-03-07 10:05:21 | 000,000,112 | -H-- | M] () -- C:\Documents and Settings\Home XP\Moje dokumenty\.picasa.ini [2010-03-03 09:27:51 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-02-28 21:05:55 | 000,000,053 | ---- | M] () -- C:\WINDOWS\disney.ini [2010-02-23 09:38:03 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk [2010-02-11 17:32:45 | 000,000,179 | ---- | M] () -- C:\Documents and Settings\Home XP\Dane aplikacji\Current.prx [2010-02-06 19:23:58 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2010-02-06 19:22:00 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk [2010-02-06 19:21:53 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010-02-06 19:21:48 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2010-02-06 19:21:48 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2010-01-31 17:20:05 | 000,025,672 | ---- | M] () -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-01-26 18:37:31 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-01-23 04:57:26 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-20 
07:48:09 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\2d860fed-55c6-49cd-a543-6e8cc3181b3f [2010-03-19 03:08:27 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed II.lnk [2010-03-15 05:10:15 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Assassin's Creed.lnk [2010-03-15 01:44:13 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitComet.lnk [2010-03-14 16:16:14 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-03-13 15:46:13 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Home XP\Pulpit\µTorrent.lnk [2010-03-10 20:48:04 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\Home XP\Pulpit\Mystery Age The Imperial Staff.lnk [2010-03-10 00:44:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\Home XP\Pulpit\Counter-Strike Source.lnk [2010-03-09 22:25:33 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\Home XP\Pulpit\Need For Speed Most Wanted.lnk [2010-02-28 21:00:29 | 000,000,053 | ---- | C] () -- C:\WINDOWS\disney.ini [2010-02-23 09:38:03 | 000,002,385 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk [2010-02-17 14:57:15 | 000,400,896 | ---- | C] () -- C:\WINDOWS\IsUn0415.exe [2010-02-12 23:00:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\PCConfidential.job [2010-02-06 19:22:00 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk [2010-02-06 19:21:53 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010-02-06 19:21:48 | 057,396,646 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-02-06 19:21:48 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2010-02-06 19:21:48 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2010-02-06 19:21:48 | 000,142,495 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\Avg\microavi.avg [2010-02-03 18:48:49 | 000,000,179 | ---- | C] () -- C:\Documents and Settings\Home XP\Dane aplikacji\Current.prx [2010-01-26 18:37:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-01-15 02:23:00 | 000,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini [2010-01-13 14:41:23 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2010-01-06 11:33:22 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-12-17 22:46:28 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-11-12 05:02:40 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll [2009-11-08 22:15:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-11-06 15:42:00 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Home XP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-04 13:23:02 | 000,643,142 | ---- | C] () -- C:\WINDOWS\aticlocklib.dll [2009-11-04 13:23:02 | 000,110,592 | ---- | C] () -- C:\WINDOWS\R5ClkLib.dll [2009-11-04 13:23:00 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-11-04 13:23:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-11-04 13:23:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2009-11-04 13:23:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2009-11-04 13:23:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2009-11-04 13:23:00 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2009-11-04 13:23:00 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2009-11-04 13:23:00 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2009-11-04 13:23:00 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2009-11-04 13:23:00 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2009-11-04 13:22:59 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll 
[2009-11-04 10:21:00 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-11-04 10:20:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-11-04 10:20:58 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-11-04 10:20:57 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-11-04 10:20:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-11-03 16:35:16 | 000,015,010 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2009-11-03 16:35:06 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009-11-03 16:35:05 | 000,014,682 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-11-03 16:34:49 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007-06-28 17:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-06-28 17:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-06-28 17:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-06-28 17:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-06-28 17:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [color=#E56717]========== LOP Check ==========[/color] [2010-02-11 21:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-03-20 07:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2009-12-17 22:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-23 09:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-03-04 16:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-12-13 17:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia [2010-03-19 17:09:05 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Dane aplikacji\TEMP [2010-03-19 03:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-02-12 23:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Winferno [2009-12-17 22:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\DAEMON Tools Lite [2010-02-01 22:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Dealio [2010-03-20 03:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\foobar2000 [2010-01-01 23:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\MA [2010-03-08 19:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Nowe Gadu-Gadu [2009-11-05 19:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\OpenFM [2009-11-04 13:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\OpenOffice.org [2010-01-11 16:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\PhotoFrameShow [2010-02-01 22:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Search Settings [2009-11-07 16:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Sony [2009-11-07 15:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Sony Setup [2010-03-09 06:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\The Creative Assembly [2010-03-19 03:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\Ubisoft [2010-03-13 17:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home XP\Dane aplikacji\uTorrent [2010-03-20 06:29:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job [2010-03-20 03:10:44 | 000,000,466 | -H-- | M] () -- 
C:\WINDOWS\Tasks\User_Feed_Synchronization-{531C4D1C-BA08-44B5-B38F-487F5D106819}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-11-03 16:09:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-03 16:04:25 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2008-04-15 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-11-03 16:09:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-11-03 16:09:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-11-03 16:09:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 13:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-03-20 06:29:17 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2009-11-25 22:55:27 | 000,003,436 | -H-- | M] () -- C:\TPhoto.prp [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys [2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- 
C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-12-22 19:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 134 
bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:870649A4 < End of report >[/log]
Psycholandia commented 20 March 2010
Paste the script below into the OTL window and click Run Fix:
[quote]
:Processes
explorer.exe
:OTL
IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [l33t] C:\WINDOWS\system\iexplore.exe File not found
O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/quote]
Download: http://www.freedrweb.pl/livecd.php, burn it to a disc, restart the computer, and keep pressing F11 during startup; the program will start and run a scan. Delete everything it finds.
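An added example, not part of the thread and not the helper's own method: a small triage of OTL `O4` autorun lines like the two in the fix script above. It flags entries whose target is reported as "File not found" and entries whose file name borrows a Windows binary's name from outside its usual folder. The `EXPECTED_DIRS` table and the `AVG9_TRAY` sample line are assumptions made for the example.

```python
import ntpath
import re

# Assumption: default Windows XP locations of binaries whose names are often borrowed.
EXPECTED_DIRS = {
    "iexplore.exe": r"c:\program files\internet explorer",
    "explorer.exe": r"c:\windows",
    "smss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
}

# "O4 - <hive>..\Run: [<value name>] <command> [(Company) | File not found]"
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<rest>.+)$")
COMPANY_RE = re.compile(r"^(?P<cmd>.*?)(?: \((?P<company>[^()]*)\))?$")
IMAGE_RE = re.compile(r'^"?(?P<image>.+?\.(?:exe|com|scr|bat|dll))\b', re.IGNORECASE)
MISSING = " File not found"

# The two "File not found" lines come from the fix script in the thread;
# the AVG9_TRAY line is constructed in the same format as a clean control.
SAMPLE = r"""
O32 - HKLM CDRom: AutoRun - 1
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [l33t] C:\WINDOWS\system\iexplore.exe File not found
O4 - HKU\S-1-5-21-1935655697-413027322-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
"""


def triage(log_text):
    """Return one dict per O4 Run entry, with the flags raised for it."""
    findings = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue  # not an autorun line
        rest = m.group("rest")
        missing = rest.endswith(MISSING)
        if missing:
            rest = rest[: -len(MISSING)]
        parts = COMPANY_RE.match(rest)
        command = parts.group("cmd")
        img = IMAGE_RE.match(command)
        image = img.group("image") if img else command.strip('"')

        flags = []
        if missing:
            # The registry value survives although its target is gone.
            flags.append("orphaned")
        expected = EXPECTED_DIRS.get(ntpath.basename(image).lower())
        if expected and ntpath.dirname(image).lower() != expected:
            # A system binary's name used from a folder where it does not belong.
            flags.append("masquerade")

        findings.append({
            "hive": m.group("hive"),
            "name": m.group("name"),
            "image": image,
            "company": parts.group("company"),
            "flags": flags,
        })
    return findings


if __name__ == "__main__":
    for entry in triage(SAMPLE):
        print(entry["name"], entry["image"], entry["flags"])
```
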
dinolord456 (Author) commented 21 March 2010 I pasted the script into the OTL window and clicked Run Fix, after which my computer restarted. I downloaded Dr.Web, burned it to a CD, put the CD in the drive, and restarted the computer while pressing F11. Pressing F11 during startup did not launch any program, and the problem has not gone away.
dinolord456 (Author) commented 21 March 2010 In the BIOS I have it set like this: 1st Boot Device [SDROM:SM-HL-DT-ST] 2nd Boot Device [HDD:BM-ST3250310AS] 3rd Boot Device [1st FLOPPY DRIVE] It seems to me the problem is that I burned the Dr.Web disc incorrectly: it is a disc image, and I burned it as a data disc instead of burning the image to the disc. I'll check whether I have any blank CDs and burn it properly. As for the boot order, is everything OK?
Psycholandia commented 21 March 2010 You probably just burned it wrong, and the BIOS settings are OK ^^ Let me know after the scan.
dinolord456 (Author) commented 21 March 2010 One more question: how long can this scan take?
Psycholandia commented 21 March 2010 That depends on the size of the disk. But this scan takes quite a long time.
dinolord456 (Author) commented 21 March 2010 (edited) So, I ran the scan, which took about 1:30 h. For what it detected after the scan, I clicked Select all and then Delete, and closed the scanner. It seems to me I did something wrong after the scan. Can I take the disc out now and start the computer normally? Or do I have to run the scan again? If so, please tell me what to press once the scan finishes. EDIT: I have no strength left today, I've been on my feet for over 30 hours and I'm literally dropping. If I did everything right, then OK; if I did something wrong, I'll redo it tomorrow.
Psycholandia commented 21 March 2010 Well, you clicked to have it delete the malware it found, so that's OK. Does the problem still occur?
dinolord456 (Author) commented 22 March 2010 Thank you very much. The annoying window is gone; after the scan, all the files Dr... detected were (exe) files. These files were infected by Win32.Sector.16 and Trojan.MulDrop.39229; thanks again. Unfortunately, I still can't open Task Manager after pressing Alt+Ctrl+Delete. I get this message: http://img214.imageshack.us/i/beztytuusyy.jpg/ . I'm no expert, but it seems to me it's because of that IDE controller that starts up every time I boot the computer. Can I do something about this, or do I have to contact the computer vendor? I'll add that after typing [u]regedit[/u] and [u]taskmgr[/u] Task Manager does not open, and the same message pops up.
Psycholandia commented 22 March 2010 Do this: http://www.forumpc.pl/index.php?showtopic=56058 and if that doesn't help, post a ComboFix log: http://www.forumpc.pl/index.php?showtopic=153621
dinolord456 (Author) commented 22 March 2010 The thing is that after typing regedit, I get this message -> "Edycja rejestru została wyłączona przez administratora sieci" (Registry editing has been disabled by the network administrator). In that case, should I make that log in ComboFix?
dinolord456 (Author) commented 22 March 2010 And here is the log from ComboFix [log]ComboFix 10-03-21.04 - Home XP 2010-03-22 15:32:34.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1530 [GMT 1:00] Uruchomiony z: c:\documents and settings\Home XP\Pulpit\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Dealio Toolbar c:\program files\Dealio Toolbar\FF\chrome.manifest c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul c:\program files\Dealio Toolbar\FF\chrome\content\login.js c:\program files\Dealio Toolbar\FF\chrome\content\login.xul c:\program files\Dealio Toolbar\FF\chrome\content\parser.js c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif 
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css c:\program files\Dealio Toolbar\FF\components\config.ini c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt c:\program files\Dealio Toolbar\FF\install.rdf c:\program files\Dealio Toolbar\IE\4.0.2\config.ini c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll c:\program files\Dealio Toolbar\Res\amazon.gif c:\program files\Dealio 
Toolbar\Res\apple.gif c:\program files\Dealio Toolbar\Res\barnes.gif c:\program files\Dealio Toolbar\Res\bestbuy.gif c:\program files\Dealio Toolbar\Res\dealio_logo.gif c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif c:\program files\Dealio Toolbar\Res\ebay.gif c:\program files\Dealio Toolbar\Res\icon_settings.gif c:\program files\Dealio Toolbar\Res\macys.gif c:\program files\Dealio Toolbar\Res\newegg.gif c:\program files\Dealio Toolbar\Res\overstock.gif c:\program files\Dealio Toolbar\Res\search-button-hover.gif c:\program files\Dealio Toolbar\Res\search-button.gif c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif c:\program files\Dealio Toolbar\Res\search-chevron.gif c:\program files\Dealio Toolbar\Res\search_amazon.gif c:\program files\Dealio Toolbar\Res\search_dealio.gif c:\program files\Dealio Toolbar\Res\search_ebay.gif c:\program files\Dealio Toolbar\Res\search_yahoo.gif c:\program files\Dealio Toolbar\Res\target.gif c:\program files\Dealio Toolbar\Res\walmart.gif c:\program files\Dealio Toolbar\Res\widgets.xml c:\program files\Dealio Toolbar\SeARchsettings.dll c:\program files\Dealio Toolbar\SearchSettings.exe c:\program files\Dealio Toolbar\SearchSettingsRes409.dll c:\program files\Dealio Toolbar\sscfg.ini c:\program files\Dealio Toolbar\SSFF\chrome.manifest c:\program files\Dealio Toolbar\SSFF\chrome\content\plugin.js c:\program files\Dealio Toolbar\SSFF\chrome\content\plugin.xul c:\program files\Dealio Toolbar\SSFF\chrome\content\protection.js c:\program files\Dealio Toolbar\SSFF\chrome\content\utils.js c:\program files\Dealio Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.dtd c:\program files\Dealio Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.properties c:\program files\Dealio Toolbar\SSFF\chrome\skin\yahoo.xml c:\program files\Dealio Toolbar\SSFF\components\IFBHOSearch.xpt c:\program files\Dealio Toolbar\SSFF\components\IFBHOSearchHelperEngine.xpt c:\program files\Dealio 
Toolbar\SSFF\components\IFHelperPreferences.xpt c:\program files\Dealio Toolbar\SSFF\components\SearchSettingsFF.dll c:\program files\Dealio Toolbar\SSFF\components\sscfg.ini c:\program files\Dealio Toolbar\SSFF\install.rdf c:\program files\Dealio Toolbar\WidgiHelper.exe c:\windows\system\smss.exe . ((((((((((((((((((((((((( Pliki utworzone od 2010-02-22 do 2010-03-22 ))))))))))))))))))))))))))))))) . 2010-03-22 11:50 . 2010-03-22 11:50 177024 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\FlashGot.exe 2010-03-22 07:28 . 2010-03-22 07:28 -------- d--h--w- c:\windows\Icons 2010-03-22 07:11 . 2010-03-22 07:11 5594624 ----a-w- c:\documents and settings\All Users\Dane aplikacji\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe 2010-03-22 07:06 . 2010-03-22 07:06 2286592 ----a-w- c:\windows\system32\TUKernel.exe 2010-03-22 06:54 . 2010-03-22 06:54 604416 ----a-w- c:\windows\system32\TUProgSt.exe 2010-03-22 06:54 . 2009-04-27 13:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll 2010-03-22 06:54 . 2010-03-22 06:54 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-03-22 06:54 . 2010-03-22 06:54 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\TuneUp Software 2010-03-22 06:53 . 2010-03-22 06:54 -------- d-----w- c:\program files\TuneUp Utilities 2009 2010-03-22 06:53 . 2010-03-22 06:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TuneUp Software 2010-03-22 06:53 . 2010-03-22 06:53 -------- d-sh--w- c:\documents and settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} 2010-03-22 05:47 . 2010-03-22 05:47 360584 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgtdix.sys 2010-03-22 05:47 . 2010-03-22 05:47 28424 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgmfx86.sys 2010-03-22 05:47 . 
2010-03-22 05:47 333192 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgldx86.sys 2010-03-22 05:46 . 2010-03-22 05:46 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-03-22 05:44 . 2010-03-22 05:36 1658136 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgupd.dll 2010-03-22 05:44 . 2010-03-22 05:35 1007896 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgupd.exe 2010-03-22 05:44 . 2010-03-22 05:35 800536 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avginet.dll 2010-03-22 05:44 . 2010-03-22 05:35 613656 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg9\update\backup\avgiproxy.exe 2010-03-21 09:35 . 2010-03-21 09:35 -------- d-----w- c:\program files\Lavalys 2010-03-21 08:12 . 2010-03-21 08:13 -------- d-----w- c:\windows\system32\NtmsData 2010-03-21 00:09 . 2010-03-21 00:09 -------- d-----w- C:\_OTL 2010-03-16 15:35 . 2010-03-16 15:35 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\McAfee 2010-03-15 22:15 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll 2010-03-15 22:15 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll 2010-03-15 22:15 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll 2010-03-15 22:15 . 2008-07-10 10:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2010-03-15 22:15 . 2008-07-10 10:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2010-03-15 22:15 . 2008-07-10 10:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2010-03-15 22:15 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll 2010-03-15 22:15 . 2008-03-05 15:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll 2010-03-15 22:15 . 2008-03-05 15:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll 2010-03-15 22:15 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll 2010-03-15 22:15 . 
2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll 2010-03-15 22:15 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll 2010-03-15 04:02 . 2010-03-15 04:02 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\InstallShield 2010-03-15 00:44 . 2010-03-15 00:44 1036288 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll 2010-03-14 17:16 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-03-14 15:16 . 2010-03-14 15:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee Security Scan 2010-03-14 15:16 . 2010-03-14 15:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee 2010-03-14 15:16 . 2010-03-16 15:35 -------- d-----w- c:\program files\McAfee Security Scan 2010-03-14 15:15 . 2010-03-14 22:49 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NOS 2010-03-13 19:03 . 2010-03-13 19:03 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2010-03-13 19:03 . 2010-03-13 19:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\InstallShield 2010-03-13 15:14 . 2010-03-21 04:15 20828160 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\rp\RealPlayerSPGold.exe 2010-03-13 15:14 . 2010-03-21 04:15 37376 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe 2010-03-13 15:12 . 2010-03-21 04:15 143360 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\chr_helper\LaunchHelper.exe 2010-03-13 15:12 . 2010-03-21 04:15 37376 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\chr\ChromeInstaller.exe 2010-03-13 15:10 . 
2010-03-21 04:15 73728 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\vista.exe 2010-03-13 15:10 . 2010-03-13 15:10 64000 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\inst_config\gcapi_dll.dll 2010-03-13 15:10 . 2010-03-13 15:10 52288 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\inst_config\gtapi.dll 2010-03-13 15:10 . 2010-03-13 15:10 50688 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\inst_config\fftbapi.dll 2010-03-13 15:10 . 2010-03-13 15:10 49152 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\inst_config\CarboniteCompatibility.dll 2010-03-13 15:10 . 2010-03-13 15:10 118784 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Real\Update\setup3.10\RUP\inst_config\compat.dll 2010-03-13 14:46 . 2010-03-22 06:12 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\uTorrent 2010-03-13 14:46 . 2010-03-13 14:46 -------- d-----w- c:\program files\uTorrent 2010-03-11 01:50 . 2010-03-11 01:55 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\Hamachi 2010-03-09 23:36 . 2010-03-09 23:36 -------- d-----w- c:\program files\VALVe 2010-03-09 12:30 . 2010-03-09 12:30 -------- d-----w- c:\program files\Games 2010-03-09 05:55 . 2010-03-09 05:55 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\The Creative Assembly 2010-03-07 23:19 . 2010-03-07 23:19 -------- d-----w- c:\documents and settings\Home XP\WINDOWS 2010-03-01 14:04 . 2010-03-01 14:04 -------- d-----w- c:\windows\system32\wbem\Repository 2010-02-23 08:35 . 2010-03-21 00:00 -------- d-----w- c:\program files\Common Files\Ahead 2010-02-23 08:35 . 2010-02-23 08:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nero 2010-02-23 08:23 . 2010-02-23 08:23 -------- d-----w- c:\documents and settings\Home XP\Ustawienia lokalne\Dane aplikacji\Help 2010-02-23 08:17 . 
2010-02-23 08:17 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\LightScribe 2010-02-23 08:16 . 2010-03-20 13:19 -------- d-----w- c:\program files\Common Files\LightScribe . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-22 14:22 . 2010-02-06 18:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\avg9 2010-03-22 14:16 . 2009-12-21 19:05 -------- d-----w- c:\program files\BitComet 2010-03-22 07:39 . 2009-11-04 13:48 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\foobar2000 2010-03-22 06:10 . 2009-11-19 20:20 -------- d-----w- c:\program files\Picasa3 2010-03-22 06:08 . 2009-11-14 07:18 -------- d-----w- c:\program files\Google 2010-03-22 06:07 . 2009-11-25 21:53 -------- d-----w- c:\program files\Foto Studio 2010-03-22 05:46 . 2010-02-06 18:21 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-03-22 05:46 . 2010-02-06 18:21 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-03-22 05:46 . 2010-02-06 18:21 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-03-21 14:01 . 2009-11-04 09:57 24632 ----a-w- c:\documents and settings\Home XP\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-03-21 05:35 . 2009-11-04 12:23 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin 2010-03-21 05:04 . 2010-01-22 23:18 -------- d-----w- c:\program files\metin2pl 2010-03-21 05:02 . 2009-11-14 07:18 -------- d-----w- c:\program files\IrfanView 2010-03-21 02:00 . 2009-11-30 21:55 -------- d-----w- c:\program files\FrameShow 2010-03-21 02:00 . 2009-12-17 10:53 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP 2010-03-21 00:44 . 2009-11-04 13:46 -------- d-----w- c:\program files\Nowe Gadu-Gadu 2010-03-20 06:25 . 2009-12-17 21:46 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-03-20 04:40 . 2010-02-13 00:55 -------- d-----w- c:\program files\7-Zip 2010-03-19 02:16 . 
2009-12-17 21:59 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\Ubisoft 2010-03-19 02:16 . 2009-12-17 21:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ubisoft 2010-03-19 02:09 . 2010-03-19 02:09 -------- d-----w- c:\program files\Ubisoft 2010-03-19 02:09 . 2009-11-03 15:38 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-16 14:29 . 2009-11-04 12:27 1 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-03-15 08:52 . 2010-01-13 14:21 10 ----a-w- c:\windows\popcinfo.dat 2010-03-13 22:37 . 2009-12-04 07:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Skype 2010-03-13 22:31 . 2009-11-04 09:22 -------- d-----w- c:\program files\Common Files\Adobe 2010-03-13 20:34 . 2010-02-12 22:00 -------- d-----w- c:\program files\Winferno 2010-03-13 18:53 . 2009-11-03 15:38 -------- d-----w- c:\program files\Common Files\InstallShield 2010-03-11 01:50 . 2009-09-23 08:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys 2010-03-08 18:24 . 2009-11-04 13:46 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\Nowe Gadu-Gadu 2010-03-08 18:21 . 2010-01-26 17:37 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\skypePM 2010-03-04 15:34 . 2009-11-05 18:31 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM 2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr 2010-02-12 22:03 . 2010-02-12 22:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Winferno 2010-02-11 20:06 . 2010-02-06 18:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\AVG Security Toolbar 2010-02-06 18:21 . 2010-02-06 18:21 -------- d-----w- c:\program files\AVG 2010-02-06 09:57 . 2010-01-03 18:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2010-02-01 21:58 . 
2010-02-01 21:58 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\Search Settings 2010-02-01 21:58 . 2010-02-01 21:58 -------- d-----w- c:\documents and settings\Home XP\Dane aplikacji\Dealio 2010-02-01 21:52 . 2010-02-01 21:52 -------- d-----w- c:\windows\system32\config\systemprofile\Dane aplikacji\Application Updater 2010-02-01 21:52 . 2010-02-01 21:52 -------- d-----w- c:\program files\Application Updater 2010-01-26 17:37 . 2010-01-26 17:37 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-20 11:15 . 2010-01-26 19:42 52224 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf}\components\FFExternalAlert.dll 2010-01-20 11:15 . 2010-01-26 19:42 101376 ----a-w- c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf}\components\RadioWMPCore.dll 2010-01-04 08:46 . 2009-11-04 09:06 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-31 16:50 . 2008-04-15 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-22 18:39 . 2009-12-22 18:39 922112 ------w- c:\windows\system32\imapi2fs.dll 2009-12-22 18:39 . 2009-12-22 18:39 426496 ------w- c:\windows\system32\imapi2.dll . ------- Sigcheck ------- [-] 2009-12-17 . CD00787894008369F56153B91FC28847 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2009-12-17 . CD00787894008369F56153B91FC28847 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\sp3qfe\tcpip.sys [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . 
c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\sp3gdr\tcpip.sys [7] 2008-04-15 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2009-06-04 869888] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-03-21 450560] "BitComet"="c:\program files\BitComet\BitComet.exe" [2010-02-21 2969336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] 
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2010-03-21 380928] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-15 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-21 192512] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] c:\documents and settings\Home XP\Menu Start\Programy\Autostart\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="c:\documents and settings\All Users\Dane aplikacji\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-03-22 05:46 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\VALVe\\Counter-Strike Source\\hl2.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "c:\\Program Files\\metin2pl\\metin2.bin"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "d:\\Gry\\Metin 2\\KamerMod\\TheDarkmt2.exe"= "d:\\Gry\\Metin 2\\KamerMod\\XLasT.exe"= "d:\\Gry\\Metin 2\\KamerMod\\KXmetin.exe"= "d:\\Gry\\Metin 2\\KamerMod\\brosmt2_spol_by_iplaym2.exe"= "d:\\Gry\\Metin 2\\KamerMod\\dnkmt2_spol_by_lost.exe"= "d:\\Gry\\Metin 2\\xLast\\KXmetin.exe"= "c:\\Program Files\\Analog Devices\\SoundMAX\\smax4.exe"= "c:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"= "c:\\Program Files\\McAfee Security Scan\\2.0.181\\SSScheduler.exe"= "d:\\Gry\\Metin 2\\xLast\\csyt2_spol_by_chomikziom.exe"= "c:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "13290:TCP"= 13290:TCP:BitComet 13290 TCP "13290:UDP"= 13290:UDP:BitComet 13290 UDP "25484:TCP"= 25484:TCP:BitComet 25484 TCP "25484:UDP"= 25484:UDP:BitComet 25484 UDP "42365:TCP"= 42365:TCP:BitComet 42365 TCP "42365:UDP"= 42365:UDP:BitComet 42365 UDP R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-02-06 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-02-06 242696] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-22 916760] R2 
avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-22 308064] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-17 691696] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Zawartość folderu 'Zaplanowane zadania' 2010-03-22 c:\windows\Tasks\Konserwacja 1 kliknięciem.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 14:59] 2010-03-22 c:\windows\Tasks\User_Feed_Synchronization-{531C4D1C-BA08-44B5-B38F-487F5D106819}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://google.atcomet.com/b/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Pobierz wszystkie VIdeo za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Pobierz za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm LSP: %SystemRoot%\system32\PrxerDrv.dll FF - ProfilePath - c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2447621&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: 
browser.startup.homepage - hxxp://google.pl/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p= FF - component: c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll FF - component: c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf}\components\FFExternalAlert.dll FF - component: c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf}\components\RadioWMPCore.dll FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\Home XP\Dane aplikacji\Mozilla\Firefox\Profiles\q7h06dwg.default\extensions\npnami@npnami.com\plugins\npnami.dll FF - plugin: c:\documents and settings\Home XP\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll FF - plugin: c:\program files\Picasa3\npPicasa3.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . 
- - - - USUNIĘTO PUSTE WPISY - - - - BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll HKLM-Run-SearchSettings - c:\program files\Dealio Toolbar\SearchSettings.exe ActiveSetup-{10880D85-AAD9-4558-ABDC-2AB1552D831F} - c:\program files\Common Files\LightScribe\LSRunOnce.exe AddRemove-HyperCam 2 - c:\program files\HyCam2\UnHyCam2.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-22 15:35 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\S-1-5-21-1935655697-413027322-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_USERS\S-1-5-21-1935655697-413027322-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DEF06DE5-7608-7AAE-BB69-2ED1F9BE7C5C}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "oaphhnehmhicehamcldngefkpoehng"=hex:61,69,66,6e,69,6a,64,6f,6b,65,6e,6d,68,65, 67,6d,68,63,65,6f,68,6a,6d,65,61,62,6a,6a,67,6f,62,6e,61,6a,68,6c,65,69,6d,\ "iacilmbiecnkmkjkbi"=hex:6b,61,6a,6d,62,64,6f,65,70,6c,61,61,62,64,6a,63,70,63, 62,6b,6b,70,00,00 "haaifkfpddkgemon"=hex:6a,61,67,6d,66,70,62,68,6d,6f,66,68,61,67,6e,67,6f,62, 6e,63,00,00 . 
Czas ukończenia: 2010-03-22 15:41:28 ComboFix-quarantined-files.txt 2010-03-22 14:41 Przed: 23 417 446 400 bajtów wolnych Po: 23 494 979 584 bajtów wolnych - - End Of File - - 25A368ED46D30BC0EC6B6CDCBA99DA10[/log]
dinolord456 comment 22 March 2010 Author Everything is back to normal (almost everything). I am truly immensely grateful to you. I have one last question: in an earlier post I attached a screenshot, and it shows a message about hardware installation. Do you have any advice on that, or do I simply have to go to the shop where I bought the computer?
Psycholandia comment 22 March 2010 Choose the option there to let it continue the installation; it often happens on my machine too.