Danci utworzono 28 sierpnia 2010 utworzono 28 sierpnia 2010 Zamieszczam ten log, gdyż wszystkie moje konta email zostały skradzione. Wydaje mi się, że może być to winą keyloggera, dlatego wstawiam go tutaj. Proszę o sprawdzenie. [log]OTL logfile created on: 2010-08-28 12:38:47 - Run 8 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Dawid\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18943) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 46,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 5,04 Gb Free Space | 10,32% Space Free | Partition Type: NTFS Drive D: | 547,34 Gb Total Space | 366,20 Gb Free Space | 66,91% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KOMPUTER-DAWIDA Current User Name: Dawid Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-28 12:37:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid\Downloads\OTL.exe PRC - [2010-08-27 10:56:24 | 000,080,384 | ---- | M] () -- D:\Programy\Tlen7\tlen7.exe PRC - [2010-07-23 04:15:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\firefox.exe PRC - [2010-07-23 04:15:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\plugin-container.exe PRC - [2010-03-25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-09-18 16:52:03 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009-08-31 10:37:03 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files (x86)\Thomson\ST330\service\st330service.exe PRC - [2009-08-31 10:37:03 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files (x86)\Thomson\ST330\diagnostics\diagnostics.exe PRC - [2009-07-21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- D:\Programy\Avira\AntiVir Desktop\avguard.exe PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-05-13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- D:\Programy\Avira\AntiVir Desktop\sched.exe PRC - [2009-03-02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- D:\Programy\Avira\AntiVir Desktop\avgnt.exe PRC - [2008-01-21 04:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [psvc] PRC - [2007-01-02 22:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-12-10 22:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-12-10 22:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2006-12-03 01:14:03 | 000,310,784 | ---- | M] (http://autoconnect.prv.pl) -- D:\Programy\AutoConnect\AutoConnect.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-28 12:37:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid\Downloads\OTL.exe MOD - [2010-07-26 17:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-06-15 16:54:11 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-04-23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-04-11 08:26:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-04-10 23:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-04-10 23:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-04-10 23:28:26 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-04-10 23:28:26 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-04-10 23:28:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-04-10 23:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-04-10 23:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-04-10 23:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2009-04-10 23:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-04-10 23:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-04-10 23:28:24 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-04-10 23:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-04-10 23:28:24 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-04-10 23:28:24 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-04-10 23:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2009-04-10 23:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-04-10 23:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-04-10 23:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-04-10 23:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-04-10 23:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-04-10 23:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-04-10 23:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-04-10 23:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-04-10 23:27:52 | 001,165,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-04-10 23:26:46 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-04-10 23:26:46 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-04-10 23:26:44 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-04-10 23:26:44 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-04-10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-21 04:52:09 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2008-01-21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2008-01-21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2008-01-21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2008-01-21 04:50:01 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2008-01-21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2008-01-21 04:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2008-01-21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - [2010-05-25 08:45:38 | 000,119,632 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc) SRV:[b]64bit:[/b] - [2009-07-15 04:14:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2008-01-21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2006-05-11 18:43:34 | 000,607,352 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\Windows\SysNative\sfrem02.exe -- (sfrem02) SRV - [2010-05-25 08:44:30 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc) SRV - [2010-03-25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-09-18 16:52:03 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-08-31 10:37:03 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files (x86)\Thomson\ST330\service\st330service.exe -- (st330service) SRV - [2009-07-21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Programy\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-05-13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Programy\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp) DRV:[b]64bit:[/b] - [2010-08-16 20:51:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-05-25 08:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-05-25 08:45:38 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010-04-27 04:25:22 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscemdm.sys -- (sscemdm) DRV:[b]64bit:[/b] - [2010-04-27 04:25:22 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) DRV:[b]64bit:[/b] - [2010-04-27 04:25:22 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscemdfl.sys -- (sscemdfl) DRV:[b]64bit:[/b] - [2009-12-07 18:07:16 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2009-11-22 23:05:57 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2009-10-17 14:32:57 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2009-10-17 14:32:56 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-09-19 20:56:31 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2009-09-19 20:56:31 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2009-08-31 10:37:03 | 000,054,272 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stppp.sys -- (stppp) DRV:[b]64bit:[/b] - [2009-08-31 10:30:44 | 000,047,616 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\st330.sys -- (ST330) DRV:[b]64bit:[/b] - [2009-08-31 10:30:44 | 000,024,576 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stbus.sys -- (STBUS) DRV:[b]64bit:[/b] - [2009-07-15 06:23:28 | 006,096,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-06-29 14:59:00 | 000,116,240 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-03-27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132) DRV:[b]64bit:[/b] - [2008-05-16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008-05-16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV:[b]64bit:[/b] - [2008-05-16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2008-05-16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008-05-16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV:[b]64bit:[/b] - [2008-05-16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008-05-16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV:[b]64bit:[/b] - [2008-02-14 08:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:[b]64bit:[/b] - [2008-01-09 11:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2007-11-26 05:16:32 | 000,086,016 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2006-12-21 17:14:33 | 000,080,768 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfsync05.sys -- (sfsync05) FrontLine Synchronization Driver (v5) DRV:[b]64bit:[/b] - [2006-09-18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2006-09-11 13:59:44 | 000,074,616 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv02.sys -- (sfdrv02) FrontLine Environment Driver (v2) DRV - [2010-05-25 08:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2010-05-25 08:44:30 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {350736e0-c692-43f3-bff2-7a25c6cb71be} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?ptnrS=ZJfox000&ptb=N5VaTopNyW3.XzGGbz4aXQ IE - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-205718230-3986867544-357689487-1000\..\URLSearchHook: {350736e0-c692-43f3-bff2-7a25c6cb71be} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-205718230-3986867544-357689487-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Programy\Mozilla Firefox\components [2010-08-09 12:59:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2010-08-09 12:59:31 | 000,000,000 | ---D | M] O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programy\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-205718230-3986867544-357689487-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4:[b]64bit:[/b] - HKLM..\Run: [diagnostics] C:\Program Files (x86)\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Programy\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] D:\Programy\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-205718230-3986867544-357689487-1000..\Run: [AutoConnect] D:\Programy\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl) O4 - Startup: C:\Users\All Users\Adobe [2010-01-29 16:16:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ALLPlayer [2010-07-11 20:23:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\ashampoo [2009-10-21 20:00:18 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ATI [2009-08-30 11:46:40 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Avira [2009-09-01 18:30:27 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\BVRP Software [2009-09-19 20:31:33 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2009-10-13 16:20:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Desktop [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Digsby [2010-02-13 17:39:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Documents [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dokumenty [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Electronic Arts [2010-08-09 12:52:15 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ezsidmv.dat () O4 - Startup: C:\Users\All Users\Favorites [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Gadu-Gadu 10 [2010-01-30 14:34:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP [2010-02-25 22:12:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HPSSUPPLY [2010-03-14 16:48:51 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\hpzinstall.log () O4 - Startup: C:\Users\All Users\ipla [2010-05-14 17:20:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Malwarebytes [2009-10-18 15:34:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Media Center Programs [2009-09-18 16:51:23 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2009-10-11 20:00:58 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Nero [2010-08-16 22:08:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\OpenFM [2010-01-16 16:48:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Real [2009-09-04 15:16:01 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Samsung [2010-07-05 17:10:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Skype [2009-09-08 20:36:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Solidshield [2010-01-12 16:43:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Start Menu [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2010-04-18 18:11:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Templates [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Test Drive Unlimited [2010-03-19 22:09:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Tlen.pl [2010-01-30 20:08:41 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Trymedia [2010-08-18 14:46:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ubisoft [2009-08-31 12:45:17 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\WEBREG [2010-02-25 21:48:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Winferno [2010-02-13 17:39:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{0151C9FC-719D-4459-B1E2-4685CC6E62A8} [2009-09-18 16:32:33 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6} [2009-09-18 16:17:29 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\AppData\LocalLow [2009-10-14 10:36:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.gimp-2.6 [2010-06-24 19:59:37 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.gstreamer-0.10 [2009-11-21 17:23:17 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.recently-used.xbel () O4 - Startup: C:\Users\Dawid\.thumbnails [2010-06-10 14:12:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\AppData [2009-08-30 11:30:12 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Dawid\Application Data [2010-06-02 16:00:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\Contacts [2009-08-30 11:30:03 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Cookies [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Dane aplikacji [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Desktop [2010-08-23 20:01:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Documents [2010-08-19 19:51:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Downloads [2010-08-28 12:37:28 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Favorites [2009-08-30 11:30:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Links [2009-08-30 11:30:15 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Menu Start [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Moje dokumenty [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Music [2009-08-30 11:30:12 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\NetHood [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\ntuser.dat () O4 - Startup: C:\Users\Dawid\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Dawid\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TM.blf () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.ini () O4 - Startup: C:\Users\Dawid\ntuser.pol () O4 - Startup: C:\Users\Dawid\Pictures [2010-08-19 13:56:56 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\PrintHood [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Recent [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Saved Games [2009-10-17 14:52:38 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Searches [2009-08-30 11:30:15 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\SendTo [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Szablony [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Tlen_downloads [2010-08-23 22:12:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\Ustawienia lokalne [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Videos [2009-08-30 11:30:12 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\AppData [2006-11-02 15:33:54 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Cookies [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2009-08-30 11:28:21 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Menu Start [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2006-11-02 14:34:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Desktop [2010-08-23 14:03:03 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2009-11-07 16:21:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2006-11-02 14:34:32 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Music [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2006-11-02 17:07:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Videos [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-07-07 16:08:44 | 000,007,750 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{129cc424-cacc-11de-bc2d-bd3812cb495d}\Shell - "" = AutoRun O33 - MountPoints2\{129cc424-cacc-11de-bc2d-bd3812cb495d}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O33 - MountPoints2\{73a1e68e-b803-11de-b5b4-804ddc2d7cab}\Shell - "" = AutoRun O33 - MountPoints2\{73a1e68e-b803-11de-b5b4-804ddc2d7cab}\Shell\AutoRun\command - "" = F:\cdstart.exe -- File not found O33 - MountPoints2\{cb7c1957-51da-11df-84e2-c56a198185b1}\Shell - "" = AutoRun O33 - MountPoints2\{cb7c1957-51da-11df-84e2-c56a198185b1}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpFolder: C:^Users^Dawid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 10 Registration.lnk - D:\Programy\FIFA 10\Support\EAregister.exe - (Leader Technologies) MsConfig:64bit - StartUpFolder: C:^Users^Dawid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk - C:\PROGRA~2\Hamachi\hamachi.exe - File not found MsConfig:64bit - StartUpFolder: C:^Users^Dawid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk - D:\Programy\Open Office\OpenOffice.org 3\program\quickstart.exe - () MsConfig:64bit - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - D:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) MsConfig:64bit - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.) MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Programy\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: [b]EA Core[/b] - hkey= - key= - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found MsConfig:64bit - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - d:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig:64bit - StartUpReg: [b]Innerpass[/b] - hkey= - key= - C:\ProgramData\Skype\Plugins\Plugins\9E0D937F462E4362A83B254A9F8AB3F8\InnerPassFileSharing.exe (InnerPass, Inc.) MsConfig:64bit - StartUpReg: [b]IPLA![/b] - hkey= - key= - D:\Programy\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig:64bit - StartUpReg: [b]KiesTrayAgent[/b] - hkey= - key= - D:\Programy\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: [b]Malwarebytes Anti-Malware (reboot)[/b] - hkey= - key= - D:\Programy\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) MsConfig:64bit - StartUpReg: [b]NBAgent[/b] - hkey= - key= - D:\Programy\nero dziesienć\Nero BackItUp\NBAgent.exe (Nero AG) MsConfig:64bit - StartUpReg: [b]PWRISOVM.EXE[/b] - hkey= - key= - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE File not found MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: [b]Sony Ericsson PC Suite[/b] - hkey= - key= - D:\Programy\Sony Ericsson PC Suite\SEPCSuite.exe File not found MsConfig:64bit - StartUpReg: [b]Tlen.pl[/b] - hkey= - key= - D:\Programy\Tlen7\tlen7.exe () MsConfig:64bit - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - D:\Programy\Winamp\winampa.exe () MsConfig:64bit - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfPf - Driver SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-18 14:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia [2010-08-16 22:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2010-08-16 22:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2010-08-15 22:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asprate [2010-08-09 13:12:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-08-08 18:39:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010-07-05 17:12:16 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscewhnt.sys [2010-07-05 17:12:16 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscewh.sys [2010-07-05 17:12:15 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscemdm.sys [2010-07-05 17:12:15 | 000,127,488 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscebus.sys [2010-07-05 17:12:15 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscemdfl.sys [2010-07-05 17:12:15 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscecmnt.sys [2010-07-05 17:12:15 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscecm.sys [2010-07-05 17:10:25 | 000,020,480 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\FsExService64.Exe [2010-07-05 17:10:25 | 000,016,392 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\drivers\TFsExDisk.Sys [2010-07-05 17:10:25 | 000,016,392 | ---- | C] (Teruten Inc) -- C:\Windows\SysNative\drivers\TFsExDisk.sys [2010-07-05 17:10:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [2010-07-05 17:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2010-07-05 17:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny [2010-07-05 17:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Samsung [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-28 12:40:27 | 006,029,312 | -HS- | M] () -- C:\Users\Dawid\ntuser.dat [2010-08-28 11:19:59 | 001,683,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-08-28 11:19:59 | 000,736,776 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-08-28 11:19:59 | 000,655,020 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-08-28 11:19:59 | 000,165,092 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-08-28 11:19:59 | 000,128,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-08-28 11:13:30 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job [2010-08-28 11:13:27 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-08-28 11:13:27 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-08-28 11:13:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-08-28 11:13:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-08-28 11:13:18 | 4294,086,656 | -HS- | M] () -- C:\hiberfil.sys [2010-08-27 11:08:05 | 000,524,288 | -HS- | M] () -- C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TMContainer00000000000000000001.regtrans-ms [2010-08-27 11:08:05 | 000,065,536 | -HS- | M] () -- C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TM.blf [2010-08-23 14:03:03 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\ALLConverter to PSP.lnk [2010-08-19 23:15:30 | 462,029,357 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010-08-16 20:51:50 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2010-08-15 22:47:37 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk [2010-08-15 22:38:20 | 000,000,573 | ---- | M] () -- C:\Users\Public\Desktop\Tibia.lnk [2010-08-13 17:39:20 | 000,247,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-08-09 14:30:38 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini [2010-08-09 13:12:12 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-08-09 10:11:51 | 000,000,533 | ---- | M] () -- C:\Users\Public\Desktop\Gothic.lnk [2010-07-05 17:10:06 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-23 14:03:03 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\ALLConverter to PSP.lnk [2010-08-19 23:15:30 | 462,029,357 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010-08-15 22:47:36 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk [2010-08-15 22:38:20 | 000,000,573 | ---- | C] () -- C:\Users\Public\Desktop\Tibia.lnk [2010-08-12 22:12:34 | 4294,086,656 | -HS- | C] () -- C:\hiberfil.sys [2010-08-12 22:12:34 | 4294,086,656 | -HS- | C] () -- [2010-08-09 13:12:12 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-08-09 10:11:51 | 000,000,533 | ---- | C] () -- C:\Users\Public\Desktop\Gothic.lnk [2010-07-07 11:22:00 | 000,007,750 | ---- | C] () -- \AutoMapaSetupLog.txt [2010-07-05 17:09:05 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp [2010-07-05 17:09:05 | 000,002,006 | ---- | C] () -- \aqua_bitmap.cpp [2010-05-25 08:45:24 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2010-05-25 08:45:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2010-05-25 08:45:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2010-05-25 08:45:24 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-04-24 19:13:26 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-04-24 19:13:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-04-24 19:13:25 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-04-24 19:13:24 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-04-24 19:13:24 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2010-02-25 21:41:36 | 000,000,804 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-10-04 12:39:30 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-10-04 12:39:24 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009-09-18 16:35:48 | 001,571,360 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009-09-10 14:15:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-08-30 12:14:50 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2009-08-30 12:14:49 | 000,333,257 | RHS- | C] () -- \bootmgr [2009-08-30 11:15:50 | 312,745,983 | -HS- | C] () -- [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008-01-21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [color=#E56717]========== LOP Check ==========[/color] [2010-07-11 20:23:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALLPlayer [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data [2009-10-21 20:00:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo [2009-09-19 20:31:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\BVRP Software [2009-10-13 16:20:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\DAEMON Tools Lite [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dane aplikacji [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumenty [2010-08-09 12:52:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites [2010-01-30 14:34:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Gadu-Gadu 10 [2010-05-14 17:20:29 | 000,000,000 | ---D | M] -- C:\Users\All Users\ipla [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Menu Start [2010-01-16 16:48:48 | 000,000,000 | ---D | M] -- C:\Users\All Users\OpenFM [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Pulpit [2010-07-05 17:10:29 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung [2010-01-12 16:43:21 | 000,000,000 | ---D | M] -- C:\Users\All Users\Solidshield [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Szablony [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates [2010-03-19 22:09:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\Test Drive Unlimited [2010-01-30 20:08:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Tlen.pl [2009-08-31 12:45:17 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ubisoft [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Ulubione [2010-02-13 17:39:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\Winferno [2009-09-18 16:32:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{0151C9FC-719D-4459-B1E2-4685CC6E62A8} [2009-09-18 16:17:29 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6} [2009-10-14 10:36:50 | 000,000,000 | ---D | M] -- C:\Users\AppData\LocalLow [2010-06-24 19:59:37 | 000,000,000 | ---D | M] -- C:\Users\Dawid\.gimp-2.6 [2009-11-21 17:23:17 | 000,000,000 | ---D | M] -- C:\Users\Dawid\.gstreamer-0.10 [2010-06-10 14:12:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\.thumbnails [2009-08-30 11:30:12 | 000,000,000 | -H-D | M] -- C:\Users\Dawid\AppData [2010-06-02 16:00:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\Application Data [2009-08-30 11:30:03 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Contacts [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Cookies [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Dane aplikacji [2010-08-23 20:01:23 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Desktop [2010-08-19 19:51:23 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Documents [2010-08-28 12:37:28 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Downloads [2009-08-30 11:30:13 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Favorites [2009-08-30 11:30:15 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Links [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Menu Start [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Moje dokumenty [2009-08-30 11:30:12 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Music [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\NetHood [2010-08-19 13:56:56 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Pictures [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\PrintHood [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Recent [2009-10-17 14:52:38 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Saved Games [2009-08-30 11:30:15 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Searches [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\SendTo [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Szablony [2010-08-23 22:12:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\Tlen_downloads [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] -- C:\Users\Dawid\Ustawienia lokalne [2009-08-30 11:30:12 | 000,000,000 | R--D | M] -- C:\Users\Dawid\Videos [2006-11-02 15:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\Default\Dane aplikacji [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop [2009-08-30 11:28:21 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Links [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\Default\Menu Start [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\Default\Moje dokumenty [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Music [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent [2006-11-02 14:34:32 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\Default\Szablony [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] -- C:\Users\Default\Ustawienia lokalne [2006-11-02 14:34:32 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos [2010-08-23 14:03:03 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop [2009-11-07 16:21:44 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents [2006-11-02 17:25:49 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads [2006-11-02 14:34:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites [2006-11-02 17:25:49 | 000,000,000 | R--D | M] -- C:\Users\Public\Music [2006-11-02 17:25:49 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures [2006-11-02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Public\Recorded TV [2006-11-02 17:25:49 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos [2010-08-28 11:13:30 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\PCConfidential.job [2010-08-27 11:08:09 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-07-05 17:10:06 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [2010-07-07 16:08:44 | 000,007,750 | ---- | M] () -- C:\AutoMapaSetupLog.txt [2009-04-10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2009-08-30 12:14:50 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010-08-28 11:13:18 | 4294,086,656 | -HS- | M] () -- C:\hiberfil.sys [2010-08-28 11:13:17 | 312,745,983 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-01-21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009-04-11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys [2009-04-10 22:34:40 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-01-21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys [2009-04-11 00:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 00:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008-01-21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < End of report > [/log]
Sohei komentarz 29 sierpnia 2010 komentarz 29 sierpnia 2010 jakbyś mógł wklej nowego loga z OTL bo w tym chyba błąd wystąpił . Dodatkowo Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url] Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url] Co znajda usun po czym daj logi z usuwania
Tomek01 komentarz 29 sierpnia 2010 komentarz 29 sierpnia 2010 U mnie poszło Sohei Dziwna sprawa. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL IE - HKU\S-1-5-21-205718230-3986867544-357689487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...NyW3.XzGGbz4aXQ O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-205718230-3986867544-357689487-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - Startup: C:\Users\All Users\Adobe [2010-01-29 16:16:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ALLPlayer [2010-07-11 20:23:05 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\ashampoo [2009-10-21 20:00:18 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ATI [2009-08-30 11:46:40 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Avira [2009-09-01 18:30:27 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\BVRP Software [2009-09-19 20:31:33 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2009-10-13 16:20:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Desktop [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Digsby [2010-02-13 17:39:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Documents [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dokumenty [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Electronic Arts [2010-08-09 12:52:15 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ezsidmv.dat () O4 - Startup: C:\Users\All Users\Favorites [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Gadu-Gadu 10 [2010-01-30 14:34:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP [2010-02-25 22:12:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HPSSUPPLY [2010-03-14 16:48:51 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\hpzinstall.log () O4 - Startup: C:\Users\All Users\ipla [2010-05-14 17:20:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Malwarebytes [2009-10-18 15:34:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Media Center Programs [2009-09-18 16:51:23 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2009-10-11 20:00:58 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Nero [2010-08-16 22:08:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\OpenFM [2010-01-16 16:48:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Real [2009-09-04 15:16:01 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Samsung [2010-07-05 17:10:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Skype [2009-09-08 20:36:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Solidshield [2010-01-12 16:43:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Start Menu [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2010-04-18 18:11:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Templates [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Test Drive Unlimited [2010-03-19 22:09:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Tlen.pl [2010-01-30 20:08:41 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Trymedia [2010-08-18 14:46:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ubisoft [2009-08-31 12:45:17 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\WEBREG [2010-02-25 21:48:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Winferno [2010-02-13 17:39:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{0151C9FC-719D-4459-B1E2-4685CC6E62A8} [2009-09-18 16:32:33 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6} [2009-09-18 16:17:29 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\AppData\LocalLow [2009-10-14 10:36:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.gimp-2.6 [2010-06-24 19:59:37 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.gstreamer-0.10 [2009-11-21 17:23:17 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\.recently-used.xbel () O4 - Startup: C:\Users\Dawid\.thumbnails [2010-06-10 14:12:00 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\AppData [2009-08-30 11:30:12 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Dawid\Application Data [2010-06-02 16:00:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\Contacts [2009-08-30 11:30:03 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Cookies [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Dane aplikacji [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Desktop [2010-08-23 20:01:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Documents [2010-08-19 19:51:23 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Downloads [2010-08-28 12:37:28 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Favorites [2009-08-30 11:30:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Links [2009-08-30 11:30:15 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Menu Start [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Moje dokumenty [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Music [2009-08-30 11:30:12 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\NetHood [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\ntuser.dat ()O4 - Startup: C:\Users\Dawid\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Dawid\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Dawid\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TM.blf () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.dat{eed25146-bbd8-11de-9b2a-c4ae4b0b07ed}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Dawid\ntuser.ini () O4 - Startup: C:\Users\Dawid\ntuser.pol () O4 - Startup: C:\Users\Dawid\Pictures [2010-08-19 13:56:56 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\PrintHood [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Recent [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Saved Games [2009-10-17 14:52:38 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\Searches [2009-08-30 11:30:15 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Dawid\SendTo [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Szablony [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Tlen_downloads [2010-08-23 22:12:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Dawid\Ustawienia lokalne [2009-08-30 11:29:59 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Dawid\Videos [2009-08-30 11:30:12 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\AppData [2006-11-02 15:33:54 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Cookies [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2009-08-30 11:28:21 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Menu Start [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2006-11-02 14:34:32 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2006-11-02 17:42:17 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2009-08-30 11:28:21 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2006-11-02 14:34:32 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Desktop [2010-08-23 14:03:03 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2009-11-07 16:21:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2006-11-02 14:34:32 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Music [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2006-11-02 17:25:49 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2006-11-02 17:07:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Videos [2006-11-02 17:25:49 | 000,000,000 | R--D | M] :Files C:\Program Files (x86)\Ask.com :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi OTL i RSIT. Wykonaj to co zalecił Sohei.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.