asaqa utworzono 6 lutego 2011 utworzono 6 lutego 2011 Witam Mam problem z niechcianym qooqle. Ustawia mi się jako główna przeglądarka i pomimo zmiany, po restarcie wraca z powrotem do qooqle. Byłbym wdzięczny za pomoc. Oto moje logi: [attachment=14667:Extras.Txt] [log][log] OTL logfile created on: 2011-02-06 15:16:20 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Remigiusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 278,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 40,10 Gb Total Space | 12,78 Gb Free Space | 31,86% Space Free | Partition Type: NTFS Drive D: | 95,12 Gb Total Space | 14,44 Gb Free Space | 15,18% Space Free | Partition Type: NTFS Drive E: | 97,66 Gb Total Space | 9,36 Gb Free Space | 9,59% Space Free | Partition Type: NTFS Computer Name: OLDSKUL | User Name: Remigiusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe PRC - [2011-02-06 11:57:47 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011-02-06 11:57:46 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-09-15 04:50:54 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-09-11 02:25:14 | 000,606,208 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2010-09-01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-12-03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2009-10-01 01:57:18 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe PRC - [2009-09-14 08:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIGDE.EXE PRC - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-07-01 09:01:04 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-07-09 08:39:12 | 002,119,104 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-03-21 15:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-12-23 17:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-12-23 17:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-12-23 16:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2006-12-14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-05-16 10:22:58 | 000,614,400 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe PRC - [2005-08-02 21:50:00 | 000,233,472 | ---- | M] () -- C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe PRC - [2004-08-04 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2004-06-27 14:38:58 | 000,503,808 | ---- | M] () -- C:\Program Files\Multimedia Combo Set\MouseDrv.exe PRC - [2004-05-28 22:08:52 | 000,520,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe PRC - [2004-02-12 12:38:56 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-02-06 11:57:46 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008-07-01 09:08:00 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-01-02 19:31:29 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-01-02 19:31:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-12-03 10:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-12-03 10:05:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010-10-20 15:43:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-09-11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-09-10 02:24:12 | 000,062,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) DRV - [2008-07-01 09:04:40 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-07-01 08:57:14 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-07-01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-04-24 16:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver) DRV - [2007-03-26 20:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-03-15 15:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001) DRV - [2006-12-28 17:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006-05-04 18:02:58 | 000,380,928 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) DRV - [2004-08-13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-02-06 11:19:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-06 11:19:49 | 000,000,000 | ---D | M] [2010-09-04 22:20:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Extensions [2011-02-06 12:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions [2010-09-08 20:01:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-11 00:58:17 | 000,000,000 | ---D | M] ("FoxTrick") -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba} [2010-10-21 20:11:01 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\vshare@toolbar [2011-02-06 15:08:11 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\searchplugins\search.xml [2011-02-06 12:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-09-23 12:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-12-03 11:07:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-09-23 12:58:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [Readar_sl] C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [TunesHelper] C:\Documents and Settings\All Users\TunesHelper.exe () O4 - HKLM..\Run: [WireLessKeyboard ] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe () O4 - HKLM..\Run: [WireLessMouse ] C:\Program Files\Multimedia Combo Set\MouseDrv.exe () O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [EPSON SX218 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.) O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} file://C:\Program Files\AutoCAD LT 2000i Plk\InstFred.ocx (NOXLATE) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD LT 2000i Plk\AcDcToday.ocx (AcDcToday) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD LT 2000i Plk\AcPreview.ocx (AcPreview Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.80.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-09-04 22:47:39 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-06 15:13:03 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe [2011-02-06 11:58:39 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011-02-06 11:58:35 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-02-06 11:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Sunbelt Software [2011-02-06 11:45:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2011-02-06 11:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011-02-06 11:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavasoft [2011-02-06 11:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2011-02-03 20:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SubEdit-Player [2011-02-03 20:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Real Alternative [2011-02-03 20:27:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Real [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic [2011-02-03 20:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack [2011-02-03 20:27:11 | 000,389,120 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2011-02-03 20:27:08 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2011-02-03 20:27:08 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2011-02-03 20:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2011-02-03 20:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ffdshow [2011-02-03 20:26:35 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll [2011-02-03 20:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow [2011-02-03 20:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter [2011-02-03 20:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\AC3Filter [2011-02-03 20:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\Pobieranie [2011-02-03 09:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\DivX Movies [2011-02-03 09:17:36 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe [2011-01-31 16:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\JoWooD Productions [2011-01-27 00:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Microsoft Games [2011-01-27 00:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\Microsoft Games [2011-01-26 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Xbox 360 Accessories [2011-01-26 23:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories [2011-01-22 11:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET [2011-01-05 06:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2011-01-05 06:49:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2011-01-05 06:49:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2011-01-05 06:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2011-01-03 12:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2011-01-02 19:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NVIDIA Corporation [2011-01-02 19:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2011-01-02 19:31:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2011-01-02 19:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-12-29 00:48:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Oranżada [2010-12-28 21:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Burgerbar [2010-12-28 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Korzenie [2010-12-27 20:54:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\Moja muzyka [2010-12-25 17:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\uTorrent [2010-12-20 09:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-12-15 10:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\storage [2010-12-15 10:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Ubisoft [2010-12-15 10:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe [2011-02-06 15:09:24 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-02-06 15:08:13 | 000,013,772 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-06 15:08:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-06 11:58:32 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-02-06 11:58:30 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2011-02-06 11:45:29 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-02-06 11:19:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-02-05 17:27:33 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-05 17:14:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-02-05 11:35:27 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Wydatki.xls [2011-02-03 09:17:31 | 008,180,224 | RHS- | M] () -- C:\Documents and Settings\All Users\TunesHelper.exe [2011-02-03 09:17:30 | 000,311,296 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe [2011-02-01 16:58:36 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Remigiusz\default.pls [2011-01-31 16:44:39 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Sam & Max.lnk [2011-01-31 01:36:59 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\WKS Outsider.xls [2011-01-27 00:22:09 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Gears of War.lnk [2011-01-26 23:29:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2011-01-26 23:29:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-01-12 10:49:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-01-05 07:26:10 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2011-01-05 07:26:10 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2011-01-05 06:49:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011-01-04 10:08:57 | 000,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-02 19:31:29 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-01-02 19:31:28 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-12-19 12:07:08 | 000,000,456 | -H-- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\odc. 82 Przyjaciele na zawsze.3gp.ini [2010-12-18 12:47:08 | 000,000,454 | -H-- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\odc. 81 Przyjaciel czy wróg.3gp.ini [2010-12-13 20:43:48 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-06 12:10:04 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011-02-06 12:03:46 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-02-06 11:45:29 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-02-03 20:27:20 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-02-03 20:27:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2011-02-03 20:27:07 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-02-03 20:27:07 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-02-03 20:26:36 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-02-03 20:26:06 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm [2011-02-03 09:17:34 | 008,180,224 | RHS- | C] () -- C:\Documents and Settings\All Users\TunesHelper.exe [2011-01-31 16:44:39 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\Sam & Max.lnk [2011-01-27 00:22:09 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\Gears of War.lnk [2011-01-26 23:29:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2011-01-26 23:29:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-01-05 06:49:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011-01-02 19:31:28 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-01-02 19:31:28 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-12-19 11:45:38 | 000,000,456 | -H-- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\odc. 82 Przyjaciele na zawsze.3gp.ini [2010-12-18 12:25:07 | 000,000,454 | -H-- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\odc. 81 Przyjaciel czy wróg.3gp.ini [2010-12-13 20:43:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-12-06 01:19:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010-11-18 22:09:41 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-10-16 19:51:38 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-10-14 09:59:55 | 000,295,028 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll [2010-09-17 20:13:04 | 000,000,123 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI [2010-09-06 22:14:57 | 000,113,152 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-06 22:14:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-09-05 15:22:36 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-09-05 15:04:19 | 000,005,060 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2010-09-04 22:30:04 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-09-04 22:23:29 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010-09-04 22:04:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-09-04 20:50:28 | 000,014,383 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-09-04 20:50:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-09-04 20:50:08 | 000,014,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-09-04 20:50:01 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-11-06 09:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-07-01 09:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [color=#E56717]========== LOP Check ==========[/color] [2010-10-16 22:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-10-20 15:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-09-05 12:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DassaultSystemes [2010-12-05 23:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2010-09-04 22:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-12-20 09:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-12-15 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-12-05 23:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2011-02-06 11:45:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2010-10-14 22:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\ArcaBit [2010-10-14 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\ArcaVirMicroScan [2010-10-12 19:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Autodesk [2010-10-16 19:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\DAEMON Tools Lite [2010-09-05 12:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\DassaultSystemes [2010-12-05 23:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Epson [2010-09-05 21:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Gadu-Gadu [2010-12-15 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Ubisoft [2011-02-06 15:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\uTorrent [2011-02-06 15:09:24 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-06 15:07:57 | 000,001,028 | ---- | M] () -- C:\aaw7boot.log [2010-09-04 22:47:39 | 000,000,047 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-09-04 20:41:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2004-02-11 15:16:26 | 000,016,384 | RH-- | M] ( ) -- C:\hpqimgrc.resources.dll [2010-09-04 20:41:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-09-04 20:41:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-02-06 15:07:59 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys [2010-09-04 21:21:07 | 000,000,575 | -H-- | M] () -- C:\RHDSetup.log [2010-11-07 14:53:54 | 000,002,334 | -H-- | M] () -- C:\_Sid.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [/log] < End of report > [/log] [attachment=14669:info.txt] [attachment=14670:log.txt]
Tomek01 komentarz 6 lutego 2011 komentarz 6 lutego 2011 W OTL, w oknie Custom scan/fixes wklej: [code]:OTL IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" :Commands [emptytemp] [/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL ( w tagi)
asaqa komentarz 6 lutego 2011 Autor komentarz 6 lutego 2011 Oto log z usuwania: [log]All processes killed ========== OTL ========== HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "qooqlle" removed from browser.search.selectedEngine Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Remigiusz ->Temp folder emptied: 427491004 bytes ->Temporary Internet Files folder emptied: 135618296 bytes ->Java cache emptied: 6435470 bytes ->FireFox cache emptied: 101535002 bytes ->Google Chrome cache emptied: 5094896 bytes ->Flash cache emptied: 44950 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2134153 bytes %systemroot%\System32 .tmp files removed: 3196628 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16142277 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 665,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02062011_224804 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] Oraz nowy OTL: [log][log] OTL logfile created on: 2011-02-06 22:53:11 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Remigiusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 246,00 Mb Available Physical Memory | 24,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 40,10 Gb Total Space | 15,74 Gb Free Space | 39,24% Space Free | Partition Type: NTFS Drive D: | 95,12 Gb Total Space | 11,43 Gb Free Space | 12,02% Space Free | Partition Type: NTFS Drive E: | 97,66 Gb Total Space | 9,36 Gb Free Space | 9,59% Space Free | Partition Type: NTFS Computer Name: OLDSKUL | User Name: Remigiusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe PRC - [2011-02-06 11:57:47 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011-02-06 11:57:46 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-09-23 03:47:04 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2010-09-15 04:50:54 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-09-11 02:25:14 | 000,606,208 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2010-09-01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-12-03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2009-10-01 01:57:18 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe PRC - [2009-08-06 18:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-07-01 09:01:04 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-07-09 08:39:12 | 002,119,104 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-03-21 15:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-12-23 17:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-12-23 17:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-12-23 16:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2006-12-14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-05-16 10:22:58 | 000,614,400 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe PRC - [2005-08-02 21:50:00 | 000,233,472 | ---- | M] () -- C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe PRC - [2004-08-04 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2004-06-27 14:38:58 | 000,503,808 | ---- | M] () -- C:\Program Files\Multimedia Combo Set\MouseDrv.exe PRC - [2004-05-28 22:08:52 | 000,520,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe PRC - [2004-02-12 12:38:56 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-02-06 11:57:46 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008-07-01 09:08:00 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-01-02 19:31:29 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-01-02 19:31:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-12-03 10:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-12-03 10:05:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010-10-20 15:43:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-09-11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-09-10 02:24:12 | 000,062,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) DRV - [2008-07-01 09:04:40 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-07-01 08:57:14 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-07-01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-04-24 16:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver) DRV - [2007-03-26 20:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-03-15 15:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001) DRV - [2006-12-28 17:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006-05-04 18:02:58 | 000,380,928 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) DRV - [2004-08-13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-02-06 11:19:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-06 11:19:49 | 000,000,000 | ---D | M] [2010-09-04 22:20:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Extensions [2011-02-06 15:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions [2010-09-08 20:01:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-11 00:58:17 | 000,000,000 | ---D | M] ("FoxTrick") -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba} [2010-10-21 20:11:01 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\extensions\vshare@toolbar [2011-02-06 22:50:41 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Mozilla\Firefox\Profiles\jnsk97li.default\searchplugins\search.xml [2011-02-06 15:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-09-23 12:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-12-03 11:07:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-09-23 12:58:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [Readar_sl] C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [TunesHelper] C:\Documents and Settings\All Users\TunesHelper.exe () O4 - HKLM..\Run: [WireLessKeyboard ] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe () O4 - HKLM..\Run: [WireLessMouse ] C:\Program Files\Multimedia Combo Set\MouseDrv.exe () O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [EPSON SX218 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-507921405-1326574676-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.) O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} file://C:\Program Files\AutoCAD LT 2000i Plk\InstFred.ocx (NOXLATE) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD LT 2000i Plk\AcDcToday.ocx (AcDcToday) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD LT 2000i Plk\AcPreview.ocx (AcPreview Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.80.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-09-04 22:47:39 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-06 22:48:04 | 000,000,000 | ---D | C] -- C:\_OTL [2011-02-06 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Media Player Classic [2011-02-06 15:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-02-06 15:25:38 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-06 15:13:03 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe [2011-02-06 11:58:39 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011-02-06 11:58:35 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-02-06 11:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\Sunbelt Software [2011-02-06 11:45:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\~0 [2011-02-06 11:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2011-02-03 20:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SubEdit-Player [2011-02-03 20:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Real Alternative [2011-02-03 20:27:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Real [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2011-02-03 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic [2011-02-03 20:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack [2011-02-03 20:27:11 | 000,389,120 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2011-02-03 20:27:08 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2011-02-03 20:27:08 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2011-02-03 20:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2011-02-03 20:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ffdshow [2011-02-03 20:26:35 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll [2011-02-03 20:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow [2011-02-03 20:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter [2011-02-03 20:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\AC3Filter [2011-02-03 20:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\Pobieranie [2011-02-03 09:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\DivX Movies [2011-02-03 09:17:36 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe [2011-01-31 16:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\JoWooD Productions [2011-01-27 00:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Microsoft Games [2011-01-27 00:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Menu Start\Programy\Microsoft Games [2011-01-26 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Xbox 360 Accessories [2011-01-26 23:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories [2011-01-22 11:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET [2011-01-05 06:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2011-01-05 06:49:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2011-01-05 06:49:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2011-01-05 06:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2011-01-03 12:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2011-01-02 19:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NVIDIA Corporation [2011-01-02 19:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2011-01-02 19:31:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2011-01-02 19:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-12-29 00:48:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Oranżada [2010-12-28 21:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Burgerbar [2010-12-28 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Pulpit\Koniec Świata - Korzenie [2010-12-27 20:54:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Remigiusz\Moje dokumenty\Moja muzyka [2010-12-25 17:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\uTorrent [2010-12-20 09:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-12-15 10:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\storage [2010-12-15 10:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Ubisoft [2010-12-15 10:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-06 22:49:56 | 000,013,772 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-06 22:49:51 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-02-06 22:49:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-06 19:20:35 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\WKS Outsider.xls [2011-02-06 15:51:50 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-02-06 15:50:15 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-06 15:18:55 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\RSIT.exe [2011-02-06 15:13:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Remigiusz\Pulpit\OTL.exe [2011-02-06 11:58:32 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-02-06 11:19:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-02-05 11:35:27 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Wydatki.xls [2011-02-03 09:17:31 | 008,180,224 | RHS- | M] () -- C:\Documents and Settings\All Users\TunesHelper.exe [2011-02-03 09:17:30 | 000,311,296 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe [2011-02-01 16:58:36 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Remigiusz\default.pls [2011-01-31 16:44:39 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Sam & Max.lnk [2011-01-27 00:22:09 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\Remigiusz\Pulpit\Gears of War.lnk [2011-01-26 23:29:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2011-01-26 23:29:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-01-12 10:49:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-01-05 07:26:10 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2011-01-05 07:26:10 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2011-01-05 06:49:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011-01-04 10:08:57 | 000,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-02 19:31:29 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-01-02 19:31:28 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-12-13 20:43:48 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-06 15:18:51 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\RSIT.exe [2011-02-06 12:10:04 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011-02-06 12:03:46 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-02-03 20:27:20 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-02-03 20:27:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2011-02-03 20:27:07 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-02-03 20:27:07 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-02-03 20:26:36 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-02-03 20:26:06 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm [2011-02-03 09:17:34 | 008,180,224 | RHS- | C] () -- C:\Documents and Settings\All Users\TunesHelper.exe [2011-01-31 16:44:39 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\Sam & Max.lnk [2011-01-27 00:22:09 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Pulpit\Gears of War.lnk [2011-01-26 23:29:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2011-01-26 23:29:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-01-05 06:49:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011-01-02 19:31:28 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-01-02 19:31:28 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-12-13 20:43:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-12-06 01:19:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010-11-18 22:09:41 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-10-16 19:51:38 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-10-14 09:59:55 | 000,295,028 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll [2010-09-17 20:13:04 | 000,000,123 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI [2010-09-06 22:14:57 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-06 22:14:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-09-05 15:22:36 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Remigiusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-09-05 15:04:19 | 000,005,060 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2010-09-04 22:30:04 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-09-04 22:23:29 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010-09-04 22:04:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-09-04 20:50:28 | 000,014,383 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-09-04 20:50:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-09-04 20:50:08 | 000,014,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-09-04 20:50:01 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-11-06 09:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-07-01 09:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [color=#E56717]========== LOP Check ==========[/color] [2010-10-16 22:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-10-20 15:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-09-05 12:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DassaultSystemes [2010-12-05 23:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2010-09-04 22:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-12-20 09:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-12-15 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-12-05 23:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2011-02-06 22:55:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0 [2010-10-14 22:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\ArcaBit [2010-10-14 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\ArcaVirMicroScan [2010-10-12 19:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Autodesk [2010-10-16 19:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\DAEMON Tools Lite [2010-09-05 12:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\DassaultSystemes [2010-12-05 23:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Epson [2010-09-05 21:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Gadu-Gadu [2010-12-15 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\Ubisoft [2011-02-06 19:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Remigiusz\Dane aplikacji\uTorrent [2011-02-06 22:49:51 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-06 22:49:46 | 000,001,476 | ---- | M] () -- C:\aaw7boot.log [2010-09-04 22:47:39 | 000,000,047 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-09-04 20:41:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2004-02-11 15:16:26 | 000,016,384 | RH-- | M] ( ) -- C:\hpqimgrc.resources.dll [2010-09-04 20:41:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-09-04 20:41:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-02-06 22:49:46 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys [2010-09-04 21:21:07 | 000,000,575 | -H-- | M] () -- C:\RHDSetup.log [2010-11-07 14:53:54 | 000,002,334 | -H-- | M] () -- C:\_Sid.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [/log]
Tomek01 komentarz 7 lutego 2011 komentarz 7 lutego 2011 Jeszcze raz wklej do OTL: [code]:OTL IE - HKU\S-1-5-21-507921405-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" O4 - HKLM..\Run: [Readar_sl] C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [TunesHelper] C:\Documents and Settings\All Users\TunesHelper.exe () C:\Documents and Settings\All Users\Dane aplikacji\~0 :Commands [emptytemp][/code] RunFix... Przeskanuj na virustotal poniższy plik: C:\Documents and Settings\Remigiusz\Dane aplikacji\Readar_sl.exe
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.