pheeleep, posted 12 July 2011 (edited)

Hello, I have a problem with the qooqle start page popping up; besides that, it seems to be destroying my avi files... I see that I'm not the first one to catch this. I'm posting the results and the OTL log, and I'm asking for help.

OTL file:

[log]
OTL logfile created on: 2011-07-12 21:11:20 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Właściciel\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 78,81% Memory free
5,34 Gb Paging File | 4,78 Gb Available in Paging File | 89,49% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 17,64 Gb Free Space | 30,11% Space Free | Partition Type: NTFS
Drive D: | 5,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 97,65 Gb Total Space | 36,11 Gb Free Space | 36,98% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 66,16 Gb Free Space | 67,75% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 20,75 Gb Free Space | 21,24% Space Free | Partition Type: NTFS
Drive H: | 114,19 Gb Total Space | 9,55 Gb Free Space | 8,36% Space Free | Partition Type: NTFS
Drive N: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PIRANIA | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-07-03 12:04:28 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-09-22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-04-04 09:54:20 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2010-01-26 19:46:13 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2009-08-28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-06-17 12:21:20 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-06-10 08:28:50 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) 
-- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-12-12 12:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008-12-09 08:23:58 | 018,063,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2008-06-10 09:45:42 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2008-05-30 15:41:28 | 000,182,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows SteadyState\Bubble.exe PRC - [2008-05-30 15:41:28 | 000,115,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows SteadyState\SCTSvc.exe PRC - [2008-05-07 15:28:32 | 000,591,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2007-11-16 14:05:50 | 000,024,576 | R--- | M] () -- C:\Program Files\SVRemote\USB20Remote.exe PRC - [2007-08-30 05:47:38 | 010,937,640 | ---- | M] (EIZO NANAO CORPORATION) -- C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe PRC - [2007-04-19 12:37:08 | 000,044,544 | ---- | M] () -- C:\Program Files\Premium Booster\scheduler.exe PRC - [2007-01-03 20:38:44 | 000,207,680 | ---- | M] () -- C:\Program Files\Gigabyte\ET5\GUI.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe PRC - [2006-09-18 11:25:36 | 000,303,104 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE PRC - [2006-05-17 02:58:18 | 000,213,936 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe PRC - [2005-08-04 03:42:00 | 000,528,384 | ---- | M] (Logitech Inc.) 
-- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2005-08-04 03:42:00 | 000,028,160 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2011-01-21 16:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2010-12-09 17:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 10:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 14:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-07-11 10:40:16 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 14:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 14:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 14:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-15 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 14:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-15 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 14:00:00 | 000,064,000 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2005-08-04 03:42:00 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll MOD - [2005-08-04 03:42:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll MOD - [2005-08-04 03:42:00 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2005-08-04 03:42:00 | 000,036,352 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\gamehook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-07-11 16:07:25 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008-05-30 15:41:28 | 000,115,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows SteadyState\SCTSvc.exe -- (Windows SteadyState) SRV - [2007-04-27 14:32:16 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-02-21 19:27:20 | 000,017,912 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 -- (MarkFun_NT) DRV - [2010-01-07 00:13:59 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-12-08 15:47:01 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-10 18:18:09 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-11-10 18:18:08 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-08-10 12:07:32 | 000,089,600 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID) DRV - [2008-12-11 11:24:20 | 004,959,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-10-21 11:16:58 | 000,465,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2008-09-26 19:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2007-04-09 12:05:36 | 000,075,136 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid) DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-11-24 14:47:50 | 000,040,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-06-06 09:51:06 | 000,022,528 | ---- | M] (WALTOP International Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aiptektp.sys -- (aiptektp) DRV - [2005-12-06 17:11:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x) DRV - [2005-11-03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-07-23 00:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKE) DRV - [2005-07-23 00:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2005-07-23 00:41:18 | 000,036,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2005-07-23 00:41:08 | 000,055,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004-11-25 18:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-11-25 18:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-1454471165-362288127-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-362288127-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - 
HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-10 13:20:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-09 23:41:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-09 23:41:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-08-16 16:53:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions [2011-07-10 14:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions [2011-04-24 21:18:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-07-03 18:19:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-26 17:43:44 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\netvideohunter@netvideohunter.com [2011-04-24 21:18:02 | 000,000,000 | ---D | M] (Google Translator for Firefox) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\translator@zoli.bod [2009-12-08 15:47:33 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\searchplugins\daemon-search.xml 
[2011-07-11 21:16:56 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\searchplugins\search.xml [2011-07-10 14:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-29 21:13:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-04-24 09:01:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-05 19:44:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\NETVIDEOHUNTER@NETVIDEOHUNTER.COM File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD [2011-07-10 13:20:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2009-07-11 18:37:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-08-18 21:00:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-07-09 23:40:57 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-07-09 23:40:57 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-07-09 23:40:57 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-07-09 23:40:57 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-07-09 23:40:57 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-07-09 23:40:57 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-07-11 21:51:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - No CLSID value found. 
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) 
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0EZEHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [atwtusb] C:\WINDOWS\System32\ATWTUSB.EXE () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Bubble] C:\Program Files\Windows SteadyState\Bubble.exe (Microsoft Corporation) O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [Logoff] C:\Program Files\Windows SteadyState\SCTUINotify.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION) O4 - HKLM..\Run: [SVRemote] c:\Program Files\SVRemote\USB20Remote.exe () O4 - HKU\S-1-5-21-1454471165-362288127-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com) O4 - HKU\S-1-5-21-1454471165-362288127-682003330-1003..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe () O4 - HKU\S-1-5-21-1454471165-362288127-682003330-1003..\Run: [pb_scheduler_agent] C:\Program Files\Premium Booster\scheduler.exe () O4 - HKU\S-1-5-21-1454471165-362288127-682003330-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1454471165-362288127-682003330-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-07 22:03:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-04-24 03:14:16 | 000,000,140 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - N:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - N:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: Windows SteadyState - C:\Program Files\Windows SteadyState\SCTSvc.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: Windows SteadyState - C:\Program Files\Windows SteadyState\SCTSvc.exe (Microsoft Corporation)
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-07-12 21:08:02 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe [2011-07-11 22:29:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Właściciel\Recent [2011-07-11 22:17:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011-07-11 21:44:06 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011-07-11 21:36:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-07-11 21:36:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-07-11 21:36:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-07-11 21:36:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-07-11 21:36:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-07-11 21:35:38 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-07-10 19:44:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DivX [2011-07-10 13:20:41 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-07-10 13:20:41 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-07-10 13:20:41 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-07-10 13:20:41 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-07-10 13:20:41 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-07-10 13:20:41 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-07-10 13:20:41 | 000,025,432 | 
---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-07-10 13:20:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-07-10 13:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus [2011-07-10 13:20:31 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-07-10 13:20:31 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-07-10 13:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-07-10 13:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-07-05 19:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-07-05 17:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\kaneandlynch [2011-07-05 17:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2011-07-05 17:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2011-07-05 16:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos [2011-06-25 22:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\smieszne [2011-06-11 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\3dGirlz [2011-05-23 22:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PLAY [2011-05-23 22:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\PLAY [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-07-12 21:06:21 | 000,004,903 | ---- | M] () -- C:\WINDOWS\aiptbl.ini [2011-07-12 21:06:21 | 000,000,696 | ---- | M] () -- C:\WINDOWS\win.ini [2011-07-12 21:06:15 | 000,236,120 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2011-07-12 21:05:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-07-12 21:05:14 | 
000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-12 07:28:07 | 008,126,464 | ---- | M] () -- C:\Documents and Settings\Właściciel\ntuser.dat [2011-07-12 07:28:07 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Właściciel\ntuser.ini [2011-07-12 07:00:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-07-11 21:52:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2011-07-11 21:51:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011-07-11 21:44:10 | 000,000,339 | RHS- | M] () -- C:\boot.ini [2011-07-11 21:15:03 | 005,148,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe [2011-07-11 20:43:41 | 000,013,708 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-10 22:40:41 | 000,009,546 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_224034.reg [2011-07-10 19:46:38 | 000,028,964 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_194636.reg [2011-07-10 13:20:41 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-07-04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- 
C:\WINDOWS\System32\drivers\aswRdr.sys [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-07-03 20:12:04 | 000,175,104 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-03 18:52:20 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110703_185217.reg [2011-07-02 22:59:58 | 000,002,174 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110702_225954.reg [2011-06-27 21:34:30 | 000,215,278 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\fv net.zip [2011-06-26 08:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe [2011-06-25 10:03:43 | 000,019,468 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Hybrid_ 2010 _[BRRip 480p XviD Ac3 Feel-Free][ENG][Torrenty.org].torrent [2011-06-20 23:14:22 | 000,009,238 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110620_231318.reg [2011-06-19 08:45:56 | 001,043,732 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-06-19 08:45:56 | 000,490,912 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-19 08:45:56 | 000,432,790 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-19 08:45:56 | 000,084,162 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-19 08:45:56 | 000,067,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-11 22:50:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-05-31 12:34:20 | 000,003,202 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110531_123418.reg [2011-05-30 09:11:22 | 000,266,104 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-05-23 22:55:46 | 000,001,722 | ---- 
| M] () -- C:\Documents and Settings\All Users\Pulpit\Alien Terminator Deluxe.lnk [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-11 21:44:10 | 000,000,223 | ---- | C] () -- C:\Boot.bak [2011-07-11 21:44:08 | 000,262,400 | RHS- | C] () -- C:\cmldr [2011-07-11 21:36:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-07-11 21:36:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-07-11 21:36:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-07-11 21:36:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-07-11 21:36:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-07-10 22:40:38 | 000,009,546 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_224034.reg [2011-07-10 19:46:37 | 000,028,964 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_194636.reg [2011-07-03 18:52:18 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110703_185217.reg [2011-07-02 22:59:56 | 000,002,174 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110702_225954.reg [2011-06-28 17:42:24 | 000,046,735 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\44c2d6aea3.jpeg [2011-06-27 21:34:30 | 000,215,278 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\fv net.zip [2011-06-25 10:03:43 | 000,019,468 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Hybrid_ 2010 _[BRRip 480p XviD Ac3 Feel-Free][ENG][Torrenty.org].torrent [2011-06-20 23:14:20 | 000,009,238 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110620_231318.reg [2011-06-11 13:21:52 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\Właściciel\Menu Start\Programy\3d Girlz.lnk [2011-06-11 13:21:52 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Właściciel\Menu Start\Programy\3d Girlz Uninstall.lnk 
[2011-05-31 12:34:19 | 000,003,202 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110531_123418.reg [2011-05-23 22:55:46 | 000,001,722 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alien Terminator Deluxe.lnk [2011-01-11 22:01:34 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI [2010-10-17 18:10:27 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\cdr.ini [2010-10-08 17:37:43 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2010-08-18 07:18:48 | 002,640,850 | -H-- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-20 23:51:44 | 000,146,412 | ---- | C] () -- C:\WINDOWS\System32\vilaunch.exe [2010-06-20 23:49:52 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe [2010-06-20 23:49:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe [2010-06-20 23:49:52 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe [2010-04-03 16:20:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-21 10:31:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2010-01-17 12:32:25 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI [2009-12-29 23:14:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini [2009-12-19 19:08:46 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll [2009-12-12 23:56:22 | 000,000,608 | ---- | C] () -- C:\WINDOWS\wwwconfig.dat [2009-12-12 23:29:46 | 000,000,068 | ---- | C] () -- C:\WINDOWS\badmojo.INI [2009-12-07 01:01:24 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2009-11-24 14:08:03 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009-11-10 18:33:57 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-11-10 18:18:09 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-11-10 18:18:08 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys 
[2009-10-26 16:29:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2009-08-26 19:35:25 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\ATWTUSB.EXE [2009-08-26 19:35:25 | 000,090,112 | ---- | C] () -- C:\WINDOWS\RmTablet.exe [2009-08-26 19:35:24 | 000,004,903 | ---- | C] () -- C:\WINDOWS\aiptbl.ini [2009-08-16 16:52:55 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-07-14 21:03:31 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe [2009-07-14 20:57:42 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll [2009-07-11 22:33:59 | 000,175,104 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-11 10:28:33 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-11 10:28:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-07-10 06:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2009-07-08 22:16:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-08 21:31:32 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2009-07-08 21:31:32 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2009-07-08 21:31:32 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2009-07-08 21:31:32 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2009-07-08 21:31:32 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2009-07-08 21:31:32 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2009-07-08 21:31:32 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2009-07-08 21:31:32 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2009-07-08 21:31:32 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2009-07-08 21:31:32 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2009-07-08 21:31:32 | 
000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2009-07-08 21:31:32 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2009-07-08 21:31:32 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2009-07-08 21:31:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2009-07-08 21:31:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2009-07-08 21:31:32 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2009-07-08 21:31:32 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2009-07-08 21:31:32 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2009-07-08 21:31:32 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009-07-08 05:52:49 | 001,043,732 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-07-08 05:52:48 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-07-08 05:51:58 | 005,148,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-07-07 22:28:21 | 000,266,104 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-07-07 22:15:23 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2009-07-07 22:04:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-07-07 22:03:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2009-07-07 22:02:43 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-07-07 22:02:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-07-07 22:01:40 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-07-07 22:01:31 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2009-07-07 22:01:31 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2009-07-07 22:00:53 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2009-07-07 
22:00:52 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2009-06-10 08:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-06-10 08:29:34 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009-06-10 08:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-06-10 08:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-06-10 08:29:34 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009-06-10 08:29:34 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2009-06-10 08:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-06-10 06:03:00 | 001,580,550 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2009-04-28 09:55:06 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2008-04-15 14:00:00 | 000,733,696 | 
---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,490,912 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,432,790 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-15 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2008-04-15 14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-15 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2008-04-15 14:00:00 | 000,084,162 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-15 14:00:00 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2008-04-15 14:00:00 | 000,067,746 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2008-04-15 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2008-04-15 14:00:00 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2008-04-15 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-15 14:00:00 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe 
[2008-04-15 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2008-04-15 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-15 14:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-15 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2008-04-15 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2008-04-15 14:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2008-04-15 14:00:00 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2008-04-15 14:00:00 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2008-04-15 14:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2008-04-15 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2008-04-15 14:00:00 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2008-04-15 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-15 14:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2008-04-15 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2008-04-15 14:00:00 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2008-04-15 14:00:00 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2008-04-15 14:00:00 | 000,011,859 | ---- | C] () -- 
C:\WINDOWS\System32\setver.exe [2008-04-15 14:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2008-04-15 14:00:00 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2008-04-15 14:00:00 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2008-04-15 14:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2008-04-15 14:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2008-04-15 14:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2008-04-15 14:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2008-04-15 14:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2008-04-15 14:00:00 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2008-04-15 14:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008-04-15 14:00:00 | 000,000,696 | ---- | C] () -- C:\WINDOWS\win.ini [2008-04-15 14:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2008-04-15 14:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2007-01-10 08:44:26 | 001,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll [2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- 
C:\WINDOWS\System32\dvdplay.exe [2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-28 07:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alawar Stargaze [2011-07-10 13:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2009-12-08 15:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-07-28 20:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-07-08 19:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-01-08 10:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-07-17 07:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2011-03-19 23:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Synetic [2010-10-08 17:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver [2010-10-11 17:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2009-10-11 17:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint [2010-01-26 23:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2011-07-10 19:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AIMP [2010-02-22 21:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\alawar [2010-01-03 19:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Ashampoo Cover Studio [2010-10-08 19:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\avidemux 
[2011-03-25 20:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\bizarre creations [2010-10-17 19:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Blender Foundation [2009-12-08 15:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite [2009-10-27 14:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Desktopicon [2010-06-20 21:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Dropbox [2009-11-24 14:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Epson [2010-03-25 15:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu 10 [2009-10-27 22:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\GHISLER [2009-12-20 22:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Groove Games [2009-10-10 01:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\gtk-2.0 [2011-01-08 10:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Nokia [2010-02-13 15:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Nowe Gadu-Gadu [2009-07-28 20:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenFM [2009-07-28 18:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenOffice.org [2010-10-17 19:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Opera [2011-01-07 18:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PC Suite [2011-07-12 07:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\uTorrent [2010-06-20 23:54:31 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Właściciel\Dane aplikacji\ViGlance [2010-06-20 23:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\ViSplore [2010-06-20 23:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\ViStart [2009-08-20 22:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Wormux [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-07-07 22:03:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-07-07 22:16:48 | 000,000,223 | ---- | M] () -- C:\Boot.bak [2011-07-11 21:44:10 | 000,000,339 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr [2011-07-11 21:55:17 | 000,012,993 | ---- | M] () -- C:\ComboFix.txt [2009-07-07 22:03:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-07-07 19:30:58 | 000,000,230 | ---- | M] () -- C:\config.xml [2011-03-29 21:31:29 | 000,311,296 | ---- | M] () -- C:\default [2010-07-25 13:24:57 | 000,136,424 | ---- | M] () -- C:\Default.plc [2009-07-07 22:03:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-09 22:36:03 | 000,000,458 | ---- | M] () -- C:\memory.txt [2009-07-07 22:03:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-07-12 21:05:09 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2011-03-29 21:31:29 | 000,020,480 | ---- | M] () -- C:\SAM [2011-03-29 21:31:03 | 000,049,152 | ---- | M] () -- C:\SECURITY [2011-03-29 21:31:28 | 032,731,136 | ---- | M] () -- C:\software [2011-03-29 21:31:29 | 005,455,872 | ---- | M] () -- C:\system [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver 
Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-08-23 23:00:38 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] 
(Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > Extras: OTL Extras logfile created on: 2011-07-12 21:11:20 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Właściciel\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 78,81% Memory free 5,34 Gb Paging File | 4,78 Gb Available in Paging File | 89,49% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 17,64 Gb Free Space | 30,11% Space Free | Partition Type: NTFS Drive D: | 5,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 97,65 Gb Total Space 
| 36,11 Gb Free Space | 36,98% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 66,16 Gb Free Space | 67,75% Space Free | Partition Type: NTFS Drive G: | 97,65 Gb Total Space | 20,75 Gb Free Space | 21,24% Space Free | Partition Type: NTFS Drive H: | 114,19 Gb Total Space | 9,55 Gb Free Space | 8,36% Space Free | Partition Type: NTFS Drive N: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PIRANIA | User Name: Właściciel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server "3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server "50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server "50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Gigabyte\ET5\update.exe" = C:\Program Files\Gigabyte\ET5\update.exe:*:Enabled:ftptest -- () "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (sms-express.com) "C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe" = C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3 -- (Adobe Systems Incorporated.) 
"C:\Program Files\Activision\Blur(TM)\Blur.exe" = C:\Program Files\Activision\Blur(TM)\Blur.exe:*:Enabled:Blur(TM) -- () "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0D07BB6E-813A-432C-B6EB-C840FB2F877C}" = Adobe Contribute CS3 "{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}" = PL "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{15AE8E14-3728-4077-8B8C-7D7FE30C91B0}" = Adobe Photoshop CS3 "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FF78023-EFA4-491F-9F5A-284DE97AA326}" = TL-WN321G Wireless Utility "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 26 "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{39B00E05-32F6-4BC3-943E-EDEFD4CA3ACB}" = Adobe Version Cue CS3 Server "{3C2C70B1-4441-4A76-B5E2-C339C24C63F3}" = Adobe Illustrator CS3 "{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B7.0108.01 "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{433261B1-477A-4DF3-9EC4-BCC4C91C27C9}" = Adobe Creative Suite 3 Web Premium "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto 
Updater "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R) "{58A4D8E3-FA9D-42CD-A46C-67F4749F2A56}" = Adobe Setup "{5CA72F10-829E-471F-93AD-5D28D673BB04}_is1" = Alien Terminator Deluxe 1.0 "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3 "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{947EC1A7-B056-4D60-9D31-BD29BBBFC2B8}" = Kane and Lynch Dead Men "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B700657-676B-4A98-8B25-40A1BAC81045}" = Nero 8 Essentials "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A2EF591E-90FE-4501-B890-9C664F657674}" = Adobe Dreamweaver CS3 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch "{AC76BA86-1033-F400-7760-000000000004}_945" = Adobe Acrobat 9.4.5 - CPSID_83708 "{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BC281424-2BA0-43A6-99CF-A458B5450FCF}" = Adobe Flash Video Encoder "{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C3665F7A-36FA-4CF7-AC37-C7F7B9C896F2}" = Adobe Flash CS3 "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA "{CC32DF3B-317F-4F7E-A3C1-C9E5A76DA69D}" = Shade - Gniew Aniołów 
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD "{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3880A64-6112-47b7-8BFE-70EEA07B43E0}" = Windows SteadyState "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}" = ScreenManager Pro for LCD "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B07.0509.01 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{FA434907-6308-4827-A284-4FF60FFDDA48}" = Adobe Fireworks CS3 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_3ca73473bb306608adb15db065beeb2" = Dodaj lub usuń Adobe Creative Suite 3 Web Premium "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "AIMP2" = AIMP2 "Applian FLV Player2.0.24" = Applian FLV Player "avast" = avast! 
Free Antivirus "Avidemux 2.5" = Avidemux 2.5 "CCleaner" = CCleaner "EasyTune5" = EasyTune5 "EPSON PX700W Series" = EPSON PX700W Series Printer Uninstall "EPSON Scanner" = EPSON Scan "EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Przewodnik użytkownika" = EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Podręcznik "FileZilla" = FileZilla (remove only) "Gadu-Gadu" = Gadu-Gadu 6.1 "Heroes III The Shadow of Death" = Heroes of Might and Magic® III The Shadow of Death(TM) "ie8" = Windows Internet Explorer 8 "InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM) "KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.0 Full "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "Opera 11.50.1074" = Opera 11.50 "Picasa 3" = Picasa 3 "PLAY ONLINE" = PLAY ONLINE "Premium Booster" = Premium Booster "Quest3D3d Girlz" = 3d Girlz "RealAlt_is1" = Real Alternative 1.7.5 "Recuva" = Recuva (remove only) "Rmtablet" = PENTAGRAM USB Tablet Manager "Samsung CLP-310 Series" = Samsung CLP-310 Series "StreetPlugin" = Learn2 Player (Uninstall Only) "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VLC media player 1.0.5 "Windows Media Format Runtime" = Windows Media Format 11 runtime "WMFDist11" = Windows Media Format 11 runtime "WMV9APDMOE" = Windows Media Video 9 Advanced Profile Codec "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-20 11:02:48 | Computer Name = PIRANIA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca 
błąd mplayerc.exe, wersja 6.4.9.1, moduł powodujący błąd mplayerc.exe, wersja 6.4.9.1, adres błędu 0x001553d6. Error - 2011-06-22 12:47:28 | Computer Name = PIRANIA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd allplayer.exe, wersja 2.3.0.0, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x00011689. Error - 2011-06-28 15:07:44 | Computer Name = PIRANIA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd blur.exe, wersja 0.0.0.0, moduł powodujący błąd blur.exe, wersja 0.0.0.0, adres błędu 0x00443854. Error - 2011-07-03 09:58:57 | Computer Name = PIRANIA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd blur.exe, wersja 0.0.0.0, moduł powodujący błąd blur.exe, wersja 0.0.0.0, adres błędu 0x00443854. Error - 2011-07-10 14:33:07 | Computer Name = PIRANIA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 2.3.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-07-10 14:37:35 | Computer Name = PIRANIA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 2.3.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-07-10 14:41:52 | Computer Name = PIRANIA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 2.3.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-07-10 16:26:29 | Computer Name = PIRANIA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 2.3.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-07-10 16:29:38 | Computer Name = PIRANIA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ALLPlayer.exe, wersja 2.3.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. 
Error - 2011-07-11 14:45:51 | Computer Name = PIRANIA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd eeventmanager.exe, wersja 2.0.0.1, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b. [ System Events ] Error - 2011-07-11 15:56:55 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2011-07-11 15:57:26 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi Windows SteadyState. Error - 2011-07-11 16:01:39 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2011-07-11 16:01:39 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2011-07-11 16:02:08 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi Windows SteadyState. 
Error - 2011-07-12 00:42:40 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2011-07-12 00:42:40 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2011-07-12 15:05:21 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%2 Error - 2011-07-12 15:05:21 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu: %%2 Error - 2011-07-12 15:06:09 | Computer Name = PIRANIA | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi Windows SteadyState. < End of report > [/log] Best regards, and I'm counting on your help!
wirusolog commented July 12, 2011

[b]1.[/b] Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (custom scan options/script) box:

[code]:OTL
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
IE - HKU\S-1-5-21-1454471165-362288127-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
[2010-06-20 23:51:44 | 000,146,412 | ---- | C] () -- C:\WINDOWS\System32\vilaunch.exe
[2010-06-20 23:49:52 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2010-06-20 23:49:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2010-06-20 23:49:52 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - No CLSID value found.
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

:Commands
[emptyflash]
[emptytemp][/code]

Click [b]Wykonaj skrypt[/b] (run script). Confirm the computer restart.

[b]2.[/b] Download [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/u][/color][/b][/url] and press [size="3"][b]Clean[/b][/size] in it. Post the report from this tool.

[b]3.[/b] After these steps, run OTL again, this time choosing the [b]Skanuj[/b] (scan) option.

[u]Post the new OTL logs + the report from the Ad-Remover removal + the report from the OTL removal.[/u]
pheeleep (Author) commented 12 July 2011 (edited)
I have the report from AD-R:
[log] ======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:23:40 on 12/07/2011, Normal boot Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Właściciel@PIRANIA ( ) ============== ACTION(S) ============== Folder deleted: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Conduit Folder deleted: C:\Program Files\Conduit Folder deleted: C:\Documents and Settings\Właściciel\Dane aplikacji\DesktopIcon Folder deleted: C:\Documents and Settings\All Users\Dane aplikacji\Trymedia Folder deleted: C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint Folder deleted: C:\Program Files\Viewpoint (!) -- Temporary files deleted. Key deleted: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key deleted: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key deleted: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3} Key deleted: HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E} Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1 Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key deleted: HKLM\Software\Conduit Key deleted: HKLM\Software\MetaStream Key deleted: HKLM\Software\Trymedia Systems Key deleted: HKLM\Software\Viewpoint Key deleted: HKCU\Software\Conduit Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key deleted:
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key deleted: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key deleted: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key deleted: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [3.6.18 (pl)] **** HKLM_MozillaPlugins\Adobe Acrobat (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\FireFox\Profiles\1rhn1fzi.default -- Extensions\netvideohunter@netvideohunter.com (NetVideoHunter) Extensions\translator@zoli.bod (Google Translator for Firefox) Searchplugins\search.xml (?) Prefs.js - browser.search.selectedEngine, Prefs.js - browser.startup.homepage, Prefs.js - browser.startup.homepage_override.mstone, false ======================================== **** Google Chrome Version [12.0.742.112] **** Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?) 
-- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (hxxp://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F) Preferences - homepage: hxxp://www.qooqlle.com/ Preferences - homepage_is_newtabpage: false Plugin - Chrome NaCl (Enabled: false) (C:\Documents and Settings\W\u0142a\u015Bciciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll) (x) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Chrome NaCl" (Enabled: false) Plugin - "Picasa" (Enabled: true) Plugin - "MetaStream 3 Plugin" (Enabled: true) ======================================== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll) HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{9421DD08-935F-4701-A9CA-22DF90AC4EA6} (C:\Program Files\Epson Software\Easy 
Photo Print\EPTBL.dll) HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) BHO\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - "Easy Photo Print" (C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll) BHO\{ecdee021-0d17-467f-a1ff-c7a115230949} (?) BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} (?) ======================================== C:\Program Files\Ad-Remover\Quarantine: 152 File(s) C:\Program Files\Ad-Remover\Backup: 13 File(s) C:\Ad-Report-CLEAN[1].txt - 12/07/2011 22:23:52 (6015 Byte(s)) End at: 22:24:24, 12/07/2011 ============== E.O.F ============== [/log]
As for OTL, I simply launched it and clicked Scan; I did not select any options, i.e. the same as at the beginning. If I did it wrong, I will correct it.
[log] OTL logfile created on: 2011-07-12 22:29:26 - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Właściciel\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 79,34% Memory free 5,34 Gb Paging File | 4,80 Gb Available in Paging File | 89,86% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 17,68 Gb Free Space | 30,17% Space Free | Partition Type: NTFS Drive D: | 5,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 97,65 Gb Total Space | 36,11 Gb Free Space | 36,98% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space |
66,16 Gb Free Space | 67,75% Space Free | Partition Type: NTFS Drive G: | 97,65 Gb Total Space | 20,75 Gb Free Space | 21,24% Space Free | Partition Type: NTFS Drive H: | 114,19 Gb Total Space | 9,55 Gb Free Space | 8,36% Space Free | Partition Type: NTFS Drive N: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PIRANIA | User Name: Właściciel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-07-03 12:04:28 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-06-07 20:54:05 | 000,040,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe PRC - [2010-09-22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2010-04-04 09:54:20 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2010-01-26 19:46:13 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) 
-- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-08-08 07:03:41 | 000,524,288 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe PRC - [2008-05-30 15:41:28 | 000,182,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows SteadyState\Bubble.exe PRC - [2008-05-30 15:41:28 | 000,115,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows SteadyState\SCTSvc.exe PRC - [2008-05-07 15:28:32 | 000,591,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-11-16 14:05:50 | 000,024,576 | R--- | M] () -- C:\Program Files\SVRemote\USB20Remote.exe PRC - [2007-08-30 05:47:38 | 010,937,640 | ---- | M] (EIZO NANAO CORPORATION) -- C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe PRC - [2007-04-19 12:37:08 | 000,044,544 | ---- | M] () -- C:\Program Files\Premium Booster\scheduler.exe PRC - [2007-01-03 20:38:44 | 000,207,680 | ---- | M] () -- C:\Program Files\Gigabyte\ET5\GUI.exe PRC - [2006-09-18 11:25:36 | 000,303,104 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE PRC - [2005-08-04 03:42:00 | 000,528,384 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2005-08-04 03:42:00 | 000,028,160 | ---- | M] (Logitech Inc.) 
-- C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2005-08-04 03:42:00 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2005-08-04 03:42:00 | 000,036,352 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\gamehook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-07-11 16:07:25 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008-05-30 15:41:28 | 000,115,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows SteadyState\SCTSvc.exe -- (Windows SteadyState) SRV - [2007-04-27 14:32:16 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-02-21 19:27:20 | 000,017,912 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 -- (MarkFun_NT) DRV - [2010-01-07 00:13:59 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-12-08 15:47:01 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-10 18:18:09 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-11-10 18:18:08 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-08-10 12:07:32 | 000,089,600 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID) DRV - [2008-12-11 11:24:20 | 004,959,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-10-21 11:16:58 | 000,465,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2008-09-26 19:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2007-04-09 12:05:36 | 000,075,136 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid) DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-11-24 14:47:50 | 000,040,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-06-06 09:51:06 | 000,022,528 | ---- | M] (WALTOP International Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aiptektp.sys -- (aiptektp) DRV - [2005-12-06 17:11:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x) DRV - [2005-11-03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-07-23 00:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKE) DRV - [2005-07-23 00:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2005-07-23 00:41:18 | 000,036,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2005-07-23 00:41:08 | 000,055,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004-11-25 18:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-11-25 18:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - 
prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-10 13:20:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-09 23:41:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-09 23:41:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-08-16 16:53:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions [2011-07-10 14:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions [2011-04-24 21:18:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-07-03 18:19:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-26 17:43:44 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\netvideohunter@netvideohunter.com [2011-04-24 21:18:02 | 000,000,000 | ---D | M] (Google Translator for Firefox) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\extensions\translator@zoli.bod [2009-12-08 15:47:33 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\searchplugins\daemon-search.xml 
[2011-07-11 21:16:56 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\1rhn1fzi.default\searchplugins\search.xml [2011-07-10 14:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-29 21:13:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-04-24 09:01:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-05 19:44:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\NETVIDEOHUNTER@NETVIDEOHUNTER.COM File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1RHN1FZI.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD [2011-07-10 13:20:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2009-07-11 18:37:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-08-18 21:00:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-07-09 23:40:57 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-07-09 23:40:57 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-07-09 23:40:57 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-07-09 23:40:57 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-07-09 23:40:57 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-07-09 23:40:57 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-07-11 21:51:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - No CLSID value found. 
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) 
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0EZEHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [atwtusb] C:\WINDOWS\System32\ATWTUSB.EXE () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Bubble] C:\Program Files\Windows SteadyState\Bubble.exe (Microsoft Corporation) O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [Logoff] C:\Program Files\Windows SteadyState\SCTUINotify.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION) O4 - HKLM..\Run: [SVRemote] c:\Program Files\SVRemote\USB20Remote.exe () O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com) O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe () O4 - HKCU..\Run: [pb_scheduler_agent] C:\Program Files\Premium Booster\scheduler.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-07 22:03:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-04-24 03:14:16 | 000,000,140 | R--- | M] () - D:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
- N:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - N:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-12 22:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011-07-12 22:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Nowy folder [2011-07-12 22:18:34 | 000,000,000 | ---D | C] -- C:\_OTL [2011-07-12 21:08:02 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe [2011-07-11 22:29:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Właściciel\Recent [2011-07-11 22:17:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011-07-11 21:44:06 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011-07-11 21:36:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-07-11 21:36:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-07-11 21:36:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-07-11 21:36:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-07-11 21:36:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-07-11 21:35:38 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-07-10 19:44:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DivX [2011-07-10 13:20:41 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-07-10 13:20:41 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-07-10 13:20:41 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-07-10 13:20:41 | 000,096,344 | ---- | C] (AVAST Software) -- 
C:\WINDOWS\System32\drivers\aswmon.sys [2011-07-10 13:20:41 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-07-10 13:20:41 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-07-10 13:20:41 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-07-10 13:20:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-07-10 13:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus [2011-07-10 13:20:31 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-07-10 13:20:31 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-07-10 13:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-07-10 13:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-07-05 19:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-07-05 17:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\kaneandlynch [2011-07-05 17:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2011-07-05 17:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2011-07-05 16:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos [2011-06-25 22:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\smieszne [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-12 22:26:33 | 000,004,903 | ---- | M] () -- C:\WINDOWS\aiptbl.ini [2011-07-12 22:26:30 | 000,236,120 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2011-07-12 22:25:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-12 22:23:38 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\AD-R.lnk [2011-07-12 
07:00:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-07-11 21:51:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011-07-11 21:44:10 | 000,000,339 | RHS- | M] () -- C:\boot.ini [2011-07-11 21:15:03 | 005,148,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-11 20:58:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\OTL.exe [2011-07-11 20:43:41 | 000,013,708 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-10 22:40:41 | 000,009,546 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_224034.reg [2011-07-10 19:46:38 | 000,028,964 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_194636.reg [2011-07-10 13:20:41 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-07-04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-07-03 20:12:04 | 000,175,104 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia 
lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-03 18:52:20 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110703_185217.reg [2011-07-02 22:59:58 | 000,002,174 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110702_225954.reg [2011-06-27 21:34:30 | 000,215,278 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\fv net.zip [2011-06-26 08:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe [2011-06-25 10:03:43 | 000,019,468 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Hybrid_ 2010 _[BRRip 480p XviD Ac3 Feel-Free][ENG][Torrenty.org].torrent [2011-06-24 22:30:50 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-06-20 23:14:22 | 000,009,238 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110620_231318.reg [2011-06-19 08:45:56 | 000,490,912 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-19 08:45:56 | 000,432,790 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-19 08:45:56 | 000,084,162 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-19 08:45:56 | 000,067,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-12 22:23:38 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\AD-R.lnk [2011-07-11 21:44:10 | 000,000,223 | ---- | C] () -- C:\Boot.bak [2011-07-11 21:44:08 | 000,262,400 | RHS- | C] () -- C:\cmldr [2011-07-11 21:36:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-07-11 21:36:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-07-11 21:36:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-07-11 21:36:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-07-11 21:36:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-07-10 22:40:38 | 000,009,546 | ---- | C] () -- 
C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_224034.reg [2011-07-10 19:46:37 | 000,028,964 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110710_194636.reg [2011-07-03 18:52:18 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110703_185217.reg [2011-07-02 22:59:56 | 000,002,174 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110702_225954.reg [2011-06-28 17:42:24 | 000,046,735 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\44c2d6aea3.jpeg [2011-06-27 21:34:30 | 000,215,278 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\fv net.zip [2011-06-25 10:03:43 | 000,019,468 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Hybrid_ 2010 _[BRRip 480p XviD Ac3 Feel-Free][ENG][Torrenty.org].torrent [2011-06-20 23:14:20 | 000,009,238 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\cc_20110620_231318.reg [2011-01-11 22:01:34 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI [2010-10-17 18:10:27 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\cdr.ini [2010-10-08 17:37:43 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2010-04-03 16:20:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-21 10:31:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2010-01-17 12:32:25 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI [2009-12-29 23:14:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini [2009-12-19 19:08:46 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll [2009-12-12 23:56:22 | 000,000,608 | ---- | C] () -- C:\WINDOWS\wwwconfig.dat [2009-12-12 23:29:46 | 000,000,068 | ---- | C] () -- C:\WINDOWS\badmojo.INI [2009-12-07 01:01:24 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2009-11-24 14:08:03 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009-11-10 18:18:09 | 
000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-11-10 18:18:08 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-10-26 16:29:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2009-08-26 19:35:25 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\ATWTUSB.EXE [2009-08-26 19:35:25 | 000,090,112 | ---- | C] () -- C:\WINDOWS\RmTablet.exe [2009-08-26 19:35:24 | 000,004,903 | ---- | C] () -- C:\WINDOWS\aiptbl.ini [2009-08-16 16:52:55 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-07-14 21:03:31 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe [2009-07-14 20:57:42 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll [2009-07-11 22:33:59 | 000,175,104 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-11 10:28:33 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-07-11 10:28:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-07-10 06:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2009-07-08 22:16:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-08 21:31:32 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2009-07-08 21:31:32 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2009-07-08 21:31:32 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2009-07-08 21:31:32 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2009-07-08 21:31:32 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2009-07-08 21:31:32 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2009-07-08 21:31:32 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2009-07-08 21:31:32 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2009-07-08 21:31:32 | 000,004,943 | ---- | C] () -- 
C:\WINDOWS\System32\EPPICPattern6.dat [2009-07-08 21:31:32 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2009-07-08 21:31:32 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2009-07-08 21:31:32 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2009-07-08 21:31:32 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2009-07-08 21:31:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2009-07-08 21:31:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2009-07-08 21:31:32 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2009-07-08 21:31:32 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2009-07-08 21:31:32 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2009-07-08 21:31:32 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009-07-08 05:52:48 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-07-08 05:51:58 | 005,148,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-07-07 22:15:23 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2009-07-07 22:04:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-07-07 22:01:40 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-06-10 08:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-06-10 08:29:34 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009-06-10 08:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-06-10 08:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-06-10 08:29:34 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009-06-10 08:29:34 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2009-06-10 08:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll 
[2009-06-10 06:03:00 | 001,580,550 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2009-04-28 09:55:06 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,490,912 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,432,790 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,084,162 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,067,746 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 
000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2007-01-10 08:44:26 | 001,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll < End of report >[/log]
wirusolog commented 12 July 2011
It is clean now.
[b]1.[/b] Run OTL and click [b]Sprzątanie[/b] (CleanUp).
[b]2.[/b] Run Ad-Remover and click [b]UNINSTALL[/b].
[b]3.[/b] The system restore points need to be cleared: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/u][/color][/b][/url]
[b]4.[/b] I recommend a [b]full scan[/b] with [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/u][/color][/b][/url] (after installation, manually update the virus database, remove whatever it finds and paste the final report).
[b]5.[/b] Also scan the whole system with [url=http://www.hotfix.pl/instrukcja-uzytkowania-dr-web-cureit--a193.htm][b][color=blue][u]Dr.Web CureIt![/u][/color][/b][/url]
pheeleep (Author) commented 12 July 2011 (edited)
Thank you for the help. The full scan is running for now and will probably take quite a while.. so far I still have "qooqle", e.g. in Google Chrome... tomorrow I will paste the report from Malwarebytes' Anti-Malware. Regards.
wirusolog commented 12 July 2011
Indeed: [quote] Preferences - homepage: hxxp://www.qooqlle.com/[/quote] Wait for the scan results; it is possible that the programs will eliminate this problem. If not, you will then set the start page to GOOGLE manually.
pheeleep (Author) commented 13 July 2011 (edited)
OK, I have the scan results:
[log]
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Wersja bazy: 7091
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702
2011-07-12 23:55:25
mbam-log-2011-07-12 (23-55-25).txt
Typ skanowania: Pełne skanowanie (C:\|E:\|F:\|G:\|H:\|)
Przeskanowano obiektów: 346030
Upłynęło: 49 minut(y), 4 sekund(y)
Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0
Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń)
Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń)
Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń)
Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń)
Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń)
Zainfekowanych folderów: (Nie znaleziono zagrożeń)
Zainfekowanych plików: (Nie znaleziono zagrożeń)
Looks like everything is fine, Dr.Web still to go..
[quote name='FilipJ' timestamp='1310531752' post='1299214']
OK, I have the scan results:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Wersja bazy: 7091
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702
2011-07-12 23:55:25
mbam-log-2011-07-12 (23-55-25).txt
Typ skanowania: Pełne skanowanie (C:\|E:\|F:\|G:\|H:\|)
Przeskanowano obiektów: 346030
Upłynęło: 49 minut(y), 4 sekund(y)
Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0
Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń)
Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń)
Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń)
Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń)
Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń)
Zainfekowanych folderów: (Nie znaleziono zagrożeń)
Zainfekowanych plików: (Nie znaleziono zagrożeń)
Looks like everything is fine, Dr.Web still to go..
[/log]
So far, yes; I am fighting with that doctor.. I have a problem downloading the program ;/ but my post still stands: Mozilla and Opera work OK, there are problems with Google Chrome, the start page is still qooqle... changing the start page does not help. Regards, and I will paste that last report as soon as I manage to download the program.
[color=red]//Do not quote whole posts; put logs/reports in the [url="http://www.forumpc.pl/index.php?showtopic=168073"]log tag[/url]. //Mateusz J.[/color]