Kapi utworzono 30 maja 2012 utworzono 30 maja 2012 Witam serdecznie! Mam pewien problem, i chciałbym się poradzić. Otóż od jakiegoś czasu tak średnio raz na dwa tygodnie podczas przeglądania internetu, z mojego komputera wydobywa się dźwięk "congratulations". Piszę, podczas przeglądania internetu, bo w innym przypadku mi się to nie zdarzyło. Jak dotąd te "congratulations" usłyszałem chyba trzy razy, za każdym razem była włączona przeglądarka IE9. A w ogóle jesli to ważne to korzystam z Windows 7. I tak się zastanawiam co to do mnie gada, czy to jakiś szpieg czy wirus. Skanowałem system Kaspersky IS 2012, i nic nie znalazł. W autostarcie sprawdzałem, i nie ma tam żadnych podejrzanych aplikacji. Być może ktoś spotkał się już z czymś podobnym, i wie, co to może być. Dodam przy tej okazji, choc może nie ma to związku ze sprawą, ale warto wspomnieć, że jakiś czas temu szukałem programu do nagrywania dźwięków z karty dźwiękowej, i przypadkowo zainstalowałem jakiś głupi program (aplikacja) o nazwie: 4510-instalator_sciagnij. Instalacja przebiegła tak szybko, ze się nawet nie zorientowałem. To nawet nie był program, tylko chyba jakiś asystent ściągania. Aplikacja zainstalowała się na komputerze, jednoczesnie ustawiając stronę startową na gazeta.pl, ale przeszukałem pliki i nawet nie znalazłem mmiejsca w którym to to się zainstalowało... Nie wiem czy ma to związek z tymi dziwnymi dźwiękami, ale na wszelki wypadek o tym wspominam. Byc może ktoś mi pomoże w zlokalizowaniu tego dźwięku i ewentualnie usunięciu tej aplikacji '4510'. Bedę bardzo wdzięczny za pomoc. Pozdrawiam Paweł
Gość komentarz 30 maja 2012 komentarz 30 maja 2012 Bez logów nic sie powiedzieć nie da. Zrób logi z OTL. http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1
Kapi komentarz 31 maja 2012 Autor komentarz 31 maja 2012 (edytowane) zrobiłem OTL... Uda sie teraz coś mi poradzić? Ewentualnie podsunąć jakiś dobry program antyszpiegowski czy coś...? Nie wiem czy to akurat jakiś szpieg mnie prześladuje ale może warto na wszelki wypadek dla pewności. I co z tym OTL-em. Jak to wygląda po analizie? [log]OTL logfile created on: 2012-05-31 10:42:40 - Run 1 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Pablo\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,04% Memory free 5,99 Gb Paging File | 4,65 Gb Available in Paging File | 77,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,96 Gb Total Space | 43,36 Gb Free Space | 14,95% Space Free | Partition Type: NTFS Computer Name: PABLO-PC | User Name: Pablo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-31 10:40:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Pablo\Downloads\OTL.exe PRC - [2012-05-04 23:35:16 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe PRC - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-02 15:55:32 | 000,068,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Adobe\Director\SWDNLD.EXE PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-03-23 14:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2010-03-23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe PRC - [2009-03-02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-05-04 23:35:32 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2011-03-03 07:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache) SRV - [2010-11-20 14:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2010-11-05 03:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010-08-14 19:39:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-03-23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV) SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-03-02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - [2012-02-18 13:21:55 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011-10-01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011-10-01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011-10-01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011-10-01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2011-05-13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2011-05-13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2011-04-26 14:37:34 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-03-10 19:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2011-03-04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2011-03-04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 10:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2010-08-15 23:06:11 | 000,035,328 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stppp.sys -- (stppp) DRV - [2010-08-15 23:06:11 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\st330.sys -- (ST330) DRV - [2010-08-15 23:06:11 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS) DRV - [2010-03-23 14:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010-01-13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel® DRV - [2009-11-02 21:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009-10-03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-07-14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009-07-14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009-07-14 01:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2009-07-14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel® DRV - [2008-11-23 11:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE) DRV - [2008-10-22 17:42:10 | 000,107,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2007-04-25 12:50:02 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2006-11-22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = [url="http://www.searchqu.com//web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms"]http://www.searchqu....&q={searchTerms[/url]} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2453315"]http://search.condui...&ctid=CT2453315[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\URLSearchHook: {096beb20-06a2-4fb4-ac16-ef911f37775b} - No CLSID value found IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes,DefaultScope = {FC8FED75-48F7-4929-9C87-7356D33D7ACD} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url] IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{3F9B798F-98C7-4255-81A3-448B942EFEC1}: "URL" = [url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms"]http://search.yahoo....&p={searchTerms[/url]} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{FC8FED75-48F7-4929-9C87-7356D33D7ACD}: "URL" = [url="http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms"]http://pl.wikipedia....ch={searchTerms[/url]} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "[url="http://www.gazeta.pl/0,0.html?p=128"]http://www.gazeta.pl/0,0.html?p=128[/url]" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pablo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pablo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-05-02 14:40:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-05-02 14:40:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-05-02 14:40:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-16 11:26:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Pablo\AppData\Roaming\IDM\idmmzcc5 [2012-01-16 11:27:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pablo\AppData\Roaming\mozilla\Extensions [2012-05-30 10:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions [2012-05-30 10:13:28 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions\IplextoALL@ALLPlayer.org [2012-05-30 10:14:09 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions\YouTubetoALL@ALLPlayer.org [2012-02-19 10:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-19 10:28:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-01-16 11:30:52 | 000,009,664 | ---- | M] () (No name found) -- C:\USERS\PABLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY3P1O84.DEFAULT\EXTENSIONS\{76C80A11-FAD4-406C-8246-F5ED4F9367B5}.XPI [2011-12-21 10:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-21 07:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 07:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-21 07:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 07:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-21 07:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 07:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Yahoo! UK & Ireland (Enabled) CHR - default_search_provider: search_url = [url="http://uk.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms"]http://uk.search.yah...&p={searchTerms[/url]} CHR - default_search_provider: suggest_url = [url="http://uk-sayt.ff.search.yahoo.com/gossip-uk-sayt?output=fxjson&command={searchTerms"]http://uk-sayt.ff.se...nd={searchTerms[/url]} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Szukaj w Google = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Kaspersky URL Advisor = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: Klawiatura wirtualna = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: Blokowanie baner\u00F3w = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\Toolbar\WebBrowser: (no name) - {096BEB20-06A2-4FB4-AC16-EF911F37775B} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Download with AktivDownloadManager! - C:\Program Files\Aktiv Download Manager\aktivdownloadmanager.htm File not found O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Pablo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab"]http://download.macr...director/sw.cab[/url] (Shockwave ActiveX Control) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} [url="https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab"]https://h20436.www2....re/HPDEXAXO.cab[/url] (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00B804BE-4091-46A2-A096-6EFF2BF07038}: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\datamngr.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-05-30 10:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-05-30 10:14:00 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Local\ALLConverter [2012-05-30 10:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-05-28 19:57:31 | 000,000,000 | ---D | C] -- C:\Users\Pablo\Desktop\lampy dzienne [2012-05-24 20:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pablo\Desktop\ubezpieczenie golfa [2012-05-19 18:29:33 | 000,000,000 | ---D | C] -- C:\Users\Pablo\Desktop\Nowe zdjęcia [2012-05-18 13:33:33 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll [2012-05-09 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Pablo\Desktop\piwo etykieta [2012-05-09 11:12:27 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012-05-09 11:12:26 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012-05-09 11:12:26 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-05-09 11:12:24 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012-05-04 11:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl [2012-05-03 20:29:35 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Program Files [2012-04-29 12:17:32 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Publish Providers [2012-04-29 12:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-04-29 11:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-04-29 11:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-04-29 11:40:12 | 000,000,000 | ---D | C] -- C:\Users\Pablo\Documents\Vegas Movie Studio HD Platinum 11.0 Projects [2012-04-29 11:35:38 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Local\Sony [2012-04-29 11:34:27 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Sony [2012-04-11 09:41:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-04-11 09:41:32 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-04-11 09:41:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-04-11 09:41:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-04-11 09:41:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-04-11 09:41:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-04-04 17:35:27 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-01 11:29:49 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Alawar [2012-04-01 11:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sklepik Nemo [2012-04-01 11:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Sklepik Nemo [229 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-05-31 10:39:01 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825864814-1420839680-3148799228-1000UA.job [2012-05-31 10:35:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-31 10:30:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-31 10:18:01 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-31 10:09:59 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-31 10:09:59 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-31 10:07:09 | 000,698,356 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-05-31 10:07:09 | 000,616,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-05-31 10:07:09 | 000,135,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-05-31 10:07:09 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-05-31 09:44:09 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-31 09:43:52 | 2413,719,552 | -HS- | M] () -- C:\hiberfil.sys [2012-05-30 22:03:34 | 003,216,988 | ---- | M] () -- C:\Users\Pablo\Desktop\RP456_V6.final.2.1.p.2.pdf [2012-05-30 18:43:40 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825864814-1420839680-3148799228-1000Core.job [2012-05-28 12:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job [2012-05-24 12:41:20 | 000,002,397 | ---- | M] () -- C:\Users\Pablo\Desktop\Google Chrome.lnk [2012-05-21 12:19:15 | 000,000,017 | ---- | M] () -- C:\Windows\System32\shortcut_ex.dat [2012-05-19 18:42:53 | 000,070,210 | ---- | M] () -- C:\Users\Pablo\.recently-used.xbel [2012-05-18 13:53:49 | 000,059,424 | ---- | M] () -- C:\Users\Pablo\Documents\cc_20120322_093011.reg [2012-05-09 15:27:13 | 000,455,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-05-04 23:35:16 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-05-04 23:35:16 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-05-04 11:37:54 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\ChomikBox.lnk [2012-04-15 15:18:50 | 010,997,284 | ---- | M] () -- C:\Users\Pablo\Desktop\Ślub Franciszka Kowalczyka (opis)edycja.jpg [2012-04-07 10:15:00 | 013,837,799 | ---- | M] () -- C:\Users\Pablo\Desktop\Projekt4 GOTOWE.jpg [2012-04-01 11:29:34 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Sklepik Nemo.lnk [229 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-30 22:03:33 | 003,216,988 | ---- | C] () -- C:\Users\Pablo\Desktop\RP456_V6.final.2.1.p.2.pdf [2012-05-21 12:19:15 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat [2012-05-19 18:42:53 | 000,070,210 | ---- | C] () -- C:\Users\Pablo\.recently-used.xbel [2012-05-04 11:37:54 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\ChomikBox.lnk [2012-04-15 15:18:45 | 010,997,284 | ---- | C] () -- C:\Users\Pablo\Desktop\Ślub Franciszka Kowalczyka (opis)edycja.jpg [2012-04-07 10:14:49 | 013,837,799 | ---- | C] () -- C:\Users\Pablo\Desktop\Projekt4 GOTOWE.jpg [2012-04-04 17:35:32 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-01 11:29:34 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Sklepik Nemo.lnk [2012-02-26 16:40:21 | 000,007,606 | ---- | C] () -- C:\Users\Pablo\AppData\Local\Resmon.ResmonCfg [2012-02-18 13:25:54 | 000,017,408 | ---- | C] () -- C:\Users\Pablo\AppData\Local\WebpageIcons.db [2012-02-18 13:23:52 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2012-02-18 13:23:52 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2012-01-24 17:32:10 | 000,000,033 | ---- | C] () -- C:\Windows\DownloadStudioScheduleMonitor.INI [2012-01-24 15:28:34 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2012-01-24 15:23:34 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll [2012-01-24 15:23:34 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll [2011-09-15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin [2011-08-21 11:06:57 | 000,176,640 | ---- | C] () -- C:\Windows\alt_uninstal.exe [2011-03-11 13:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2010-09-21 21:09:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-09-09 22:18:25 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hlduinst.exe [2010-09-09 22:18:24 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE [2010-08-21 13:31:28 | 000,004,096 | -H-- | C] () -- C:\Users\Pablo\AppData\Local\keyfile3.drm [2010-08-20 11:05:59 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-08-16 14:37:05 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-08-16 14:37:05 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-08-16 10:44:00 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010-08-16 10:44:00 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010-08-16 10:44:00 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010-08-16 10:44:00 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010-08-16 10:44:00 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010-08-16 10:44:00 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2010-08-16 10:44:00 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2010-08-16 10:44:00 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2010-08-16 10:44:00 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2010-08-16 10:44:00 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2010-08-16 10:44:00 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2010-08-16 10:44:00 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2010-08-16 10:44:00 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2010-08-16 10:44:00 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2010-08-16 10:44:00 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2010-08-16 10:44:00 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2010-08-16 10:44:00 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2010-08-16 10:44:00 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2010-08-16 10:44:00 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010-08-15 14:37:45 | 000,000,026 | ---- | C] () -- C:\Windows\CDE SX400EXPORT.ini [color=#E56717]========== LOP Check ==========[/color] [2012-04-01 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Alawar [2010-08-20 11:36:30 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Ashampoo [2011-04-26 14:35:19 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DeepBurner [2012-02-18 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DMCache [2011-12-25 15:43:05 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DVDVideoSoft [2011-12-25 15:42:38 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DVDVideoSoftIEHelpers [2010-08-20 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\EPSON [2012-05-30 10:06:28 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\FreeFLVConverter [2011-06-27 18:12:46 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Gadu-Gadu 10 [2012-05-19 18:42:53 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\gtk-2.0 [2012-02-13 11:10:28 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\OpenCandy [2011-06-27 18:16:34 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\OpenFM [2010-08-16 11:34:40 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\OpenOffice.org [2012-05-03 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Program Files [2012-04-29 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Publish Providers [2012-01-09 22:57:48 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Recolored [2012-05-22 21:22:01 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\SoftGrid Client [2012-04-29 12:17:29 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Sony [2012-03-04 23:11:13 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Stellarium [2010-08-19 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\TP [2012-03-22 10:29:20 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\uTorrent [2012-05-20 12:41:53 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\XnView [2012-05-28 12:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job [2012-05-21 10:38:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:5CB1E0D3 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:553CA6CA < End of report > [/log] [log] OTL Extras logfile created on: 2012-05-31 10:42:40 - Run 1 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Pablo\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,04% Memory free 5,99 Gb Paging File | 4,65 Gb Available in Paging File | 77,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,96 Gb Total Space | 43,36 Gb Free Space | 14,95% Space Free | Partition Type: NTFS Computer Name: PABLO-PC | User Name: Pablo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "C:\Program Files\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{50EFEB76-2151-4F0B-B610-CD8A3E4FE84C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{E0E9CF7B-5548-46CD-86C1-76D2E4AF7F23}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11EB2353-FFDB-4221-88D9-045FE60D3ABE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{28886E35-1498-42B5-AD2D-D7CF031FBFCC}" = protocol=17 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{5D82EEE4-C97E-4142-B744-33D6719B9E5C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{C97445B9-5377-4458-90ED-14C6FFE24CEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D98491DA-A7B2-4BB2-9DF1-3540C25D56BB}" = protocol=6 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{E36C9324-D415-4C94-9FF2-3DBF717C0824}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EEAEA09B-F00A-406A-AD4B-F970F62B391E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{3CC776D2-D7D4-484C-A1C1-D9EF2CB1BC76}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{879CABD5-43F7-4B60-9898-636BEB1B3754}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists "{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4F7B7598-88EA-4442-A54E-65EADCF06D97}" = ChomikBox "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5D2CF9D0-113A-476B-986F-288B54571614}" = DevalVR plugin for Internet Explorer (remove) "{60C01570-A8AB-11E0-B591-005056C00008}" = MSVCRT Redists "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{61FFBE12-E3AD-442A-B261-A086041DB37A}" = Validity WinBio DDK "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-006D-0415-0000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "{90140011-0061-0415-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - Polski "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{BBF5B57A-3A78-4A46-855C-766EB333F989}" = DigitalPersona Enrollment 1.0.0 "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Audacity_is1" = Audacity 1.2.6 "CCleaner" = CCleaner "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.39 "EPSON Scanner" = EPSON Scan "EPSON Stylus SX200_SX400_TX200_TX400 Przewodnik użytkownika" = EPSON Stylus SX200_SX400_TX200_TX400 Podręcznik "EPSON Stylus SX400 Series" = EPSON Stylus SX400 Series Printer Uninstall "EXRed_is1" = EXRed v2.0 "FormatFactory" = FormatFactory 2.20 "Free FLV Converter_is1" = Free FLV Converter V 7.4.0 "Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206 "Gadu-Gadu 10" = Gadu-Gadu 10 "Hardlock Device Drivers" = Hardlock Device Drivers "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "Legitki!" = Legitki! (remove only) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl) "NVIDIA Drivers" = NVIDIA Drivers "Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "RealAlt_is1" = Real Alternative 1.9.0 Lite "Searchqu 0 MediaBar" = Windows Searchqu Toolbar "Sklepik Nemo_is1" = Sklepik Nemo "Stellarium_is1" = Stellarium 0.10.1 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.10 "WinLiveSuite" = Podstawowe programy Windows Live "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR "XnView_is1" = XnView 1.97.6 "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-825864814-1420839680-3148799228-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "PhotoZoom Pro 2" = BenVista PhotoZoom Pro 2.3 "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log]
Gość komentarz 31 maja 2012 komentarz 31 maja 2012 W logach czysto. 1. Odinstaluj ten dodatek do przegladarki [b]Windows Searchqu Toolbar[/b] 2. Pobierz [b]AdwCleaner[/b] i wykonaj nim skan z opcji [b]Search[/b]. Przedstaw raport. http://general-changelog-team.fr/outils/289-adwcleaner
Kapi komentarz 31 maja 2012 Autor komentarz 31 maja 2012 (edytowane) Jak kazałeś tak zrobiłem A od czego jest ten dodatek Searchqu cośtam Bandoo Media? Już dawno temu zastanawiałem się do czego on służy. [log] # AdwCleaner v1.608 - Logfile created 05/31/2012 at 12:28:46 # Updated 27/05/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits) # User : Pablo - PABLO-PC # Running from : C:\Users\Pablo\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Pablo\AppData\Local\Conduit Folder Found : C:\Users\Pablo\AppData\LocalLow\Conduit Folder Found : C:\Users\Pablo\AppData\LocalLow\searchquband Folder Found : C:\Users\Pablo\AppData\Roaming\OpenCandy ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2453315 Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar Key Found : HKLM\SOFTWARE\Conduit ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v9.0.1 (pl) Profile name : default File : C:\Users\Pablo\AppData\Roaming\Mozilla\Firefox\Profiles\ty3p1o84.default\prefs.js [OK] File is clean. -\\ Google Chrome v19.0.1084.52 File : C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [2485 octets] - [31/05/2012 12:28:46] ########## EOF - C:\AdwCleaner[R1].txt - [2613 octets] ########## [/log]
Gość komentarz 31 maja 2012 komentarz 31 maja 2012 [quote]A od czego jest ten dodatek Searchqu cośtam Bandoo Media? Już dawno temu zastanawiałem się do czego on służy.[/quote] A do niczego. To śmieć. Zamknij przegladarki. Uruchom AdwCleaner i kliknij [b]Delete.[/b] Po usuwaniu uruchom AdwCleaner jeszce raz i kliknij [b]Uninstall[/b]
Kapi komentarz 31 maja 2012 Autor komentarz 31 maja 2012 Tak też zrobiłem. I co - teraz powinno byc dobrze?
Gość komentarz 31 maja 2012 komentarz 31 maja 2012 Zrób nowy skan [b]OTL[/b] i przedstaw raport. Log [b]Extras[/b] juz nie jest potrzebny.
Kapi komentarz 31 maja 2012 Autor komentarz 31 maja 2012 [log]OTL logfile created on: 2012-05-31 16:57:34 - Run 2 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Pablo\Desktop\Folder Roboczy Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 62,69% Memory free 5,99 Gb Paging File | 4,61 Gb Available in Paging File | 76,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,96 Gb Total Space | 51,48 Gb Free Space | 17,76% Space Free | Partition Type: NTFS Computer Name: PABLO-PC | User Name: Pablo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-31 10:40:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Pablo\Desktop\Folder Roboczy\OTL.exe PRC - [2012-05-04 23:35:16 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe PRC - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-03-23 14:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2010-03-23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe PRC - [2009-03-02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-05-04 23:35:32 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2011-03-03 07:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache) SRV - [2010-11-20 14:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2010-11-05 03:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010-08-14 19:39:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-03-23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV) SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-03-02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - [2012-02-18 13:21:55 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011-10-01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011-10-01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011-10-01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011-10-01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2011-05-13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2011-05-13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2011-04-26 14:37:34 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-03-10 19:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2011-03-04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2011-03-04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 10:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2010-08-15 23:06:11 | 000,035,328 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stppp.sys -- (stppp) DRV - [2010-08-15 23:06:11 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\st330.sys -- (ST330) DRV - [2010-08-15 23:06:11 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS) DRV - [2010-03-23 14:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010-01-13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R) DRV - [2009-11-02 21:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009-10-03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-07-14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009-07-14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009-07-14 01:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2009-07-14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel(R) DRV - [2008-11-23 11:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE) DRV - [2008-10-22 17:42:10 | 000,107,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2007-04-25 12:50:02 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2006-11-22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\URLSearchHook: {096beb20-06a2-4fb4-ac16-ef911f37775b} - No CLSID value found IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes,DefaultScope = {FC8FED75-48F7-4929-9C87-7356D33D7ACD} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url] IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{3F9B798F-98C7-4255-81A3-448B942EFEC1}: "URL" = [url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms"]http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms[/url]} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\SearchScopes\{FC8FED75-48F7-4929-9C87-7356D33D7ACD}: "URL" = [url="http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms"]http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms[/url]} IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "[url="http://www.gazeta.pl/0,0.html?p=128"]http://www.gazeta.pl/0,0.html?p=128[/url]" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pablo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pablo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-05-02 14:40:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-05-02 14:40:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-05-02 14:40:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-16 11:26:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Pablo\AppData\Roaming\IDM\idmmzcc5 [2012-01-16 11:27:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pablo\AppData\Roaming\mozilla\Extensions [2012-05-30 10:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions [2012-05-30 10:13:28 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions\IplextoALL@ALLPlayer.org [2012-05-30 10:14:09 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Pablo\AppData\Roaming\mozilla\Firefox\Profiles\ty3p1o84.default\extensions\YouTubetoALL@ALLPlayer.org [2012-02-19 10:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-19 10:28:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-01-16 11:30:52 | 000,009,664 | ---- | M] () (No name found) -- C:\USERS\PABLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY3P1O84.DEFAULT\EXTENSIONS\{76C80A11-FAD4-406C-8246-F5ED4F9367B5}.XPI [2011-12-21 10:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-21 07:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 07:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-21 07:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 07:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-21 07:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 07:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Yahoo! UK & Ireland (Enabled) CHR - default_search_provider: search_url = [url="http://uk.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms"]http://uk.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms[/url]} CHR - default_search_provider: suggest_url = [url="http://uk-sayt.ff.search.yahoo.com/gossip-uk-sayt?output=fxjson&command={searchTerms"]http://uk-sayt.ff.search.yahoo.com/gossip-uk-sayt?output=fxjson&command={searchTerms[/url]} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Szukaj w Google = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Kaspersky URL Advisor = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: Klawiatura wirtualna = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: Blokowanie baner\u00F3w = C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\Toolbar\WebBrowser: (no name) - {096BEB20-06A2-4FB4-AC16-EF911F37775B} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Download with AktivDownloadManager! - C:\Program Files\Aktiv Download Manager\aktivdownloadmanager.htm File not found O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Pablo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab"]http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[/url] (Shockwave ActiveX Control) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} [url="https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab"]https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab[/url] (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00B804BE-4091-46A2-A096-6EFF2BF07038}: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-05-30 10:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-05-30 10:14:00 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Local\ALLConverter [2012-05-30 10:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-05-18 13:33:33 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll [2012-05-09 11:12:27 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012-05-09 11:12:26 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012-05-09 11:12:26 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-05-09 11:12:24 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012-05-03 20:29:35 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Program Files [2012-04-29 12:17:32 | 000,000,000 | ---D | C] -- C:\Users\Pablo\AppData\Roaming\Publish Providers [2012-04-11 09:41:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-04-11 09:41:32 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-04-11 09:41:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-04-11 09:41:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-04-11 09:41:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-04-11 09:41:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-04-04 17:35:27 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [229 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-05-31 16:54:19 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825864814-1420839680-3148799228-1000UA.job [2012-05-31 16:54:19 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-31 16:54:18 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-31 16:54:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-31 13:26:04 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-31 13:26:04 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-31 13:18:56 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-31 13:18:33 | 2413,719,552 | -HS- | M] () -- C:\hiberfil.sys [2012-05-31 13:16:29 | 000,698,356 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-05-31 13:16:29 | 000,616,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-05-31 13:16:29 | 000,135,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-05-31 13:16:29 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-05-30 18:43:40 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825864814-1420839680-3148799228-1000Core.job [2012-05-28 12:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job [2012-05-24 12:41:20 | 000,002,397 | ---- | M] () -- C:\Users\Pablo\Desktop\Google Chrome.lnk [2012-05-21 12:19:15 | 000,000,017 | ---- | M] () -- C:\Windows\System32\shortcut_ex.dat [2012-05-19 18:42:53 | 000,070,210 | ---- | M] () -- C:\Users\Pablo\.recently-used.xbel [2012-05-18 13:53:49 | 000,059,424 | ---- | M] () -- C:\Users\Pablo\Documents\cc_20120322_093011.reg [2012-05-09 15:27:13 | 000,455,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-05-04 23:35:16 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-05-04 23:35:16 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-07 10:15:00 | 013,837,799 | ---- | M] () -- C:\Users\Pablo\Desktop\Projekt4 GOTOWE.jpg [229 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-21 12:19:15 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat [2012-05-19 18:42:53 | 000,070,210 | ---- | C] () -- C:\Users\Pablo\.recently-used.xbel [2012-04-07 10:14:49 | 013,837,799 | ---- | C] () -- C:\Users\Pablo\Desktop\Projekt4 GOTOWE.jpg [2012-04-04 17:35:32 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-02-26 16:40:21 | 000,007,606 | ---- | C] () -- C:\Users\Pablo\AppData\Local\Resmon.ResmonCfg [2012-02-18 13:25:54 | 000,017,408 | ---- | C] () -- C:\Users\Pablo\AppData\Local\WebpageIcons.db [2012-02-18 13:23:52 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2012-02-18 13:23:52 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2012-01-24 17:32:10 | 000,000,033 | ---- | C] () -- C:\Windows\DownloadStudioScheduleMonitor.INI [2012-01-24 15:28:34 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2012-01-24 15:23:34 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll [2012-01-24 15:23:34 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll [2011-09-15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin [2011-08-21 11:06:57 | 000,176,640 | ---- | C] () -- C:\Windows\alt_uninstal.exe [2011-03-11 13:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2010-09-21 21:09:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-09-09 22:18:25 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hlduinst.exe [2010-09-09 22:18:24 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE [2010-08-21 13:31:28 | 000,004,096 | -H-- | C] () -- C:\Users\Pablo\AppData\Local\keyfile3.drm [2010-08-20 11:05:59 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-08-16 14:37:05 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-08-16 14:37:05 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-08-16 10:44:00 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010-08-16 10:44:00 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010-08-16 10:44:00 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010-08-16 10:44:00 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010-08-16 10:44:00 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010-08-16 10:44:00 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2010-08-16 10:44:00 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2010-08-16 10:44:00 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2010-08-16 10:44:00 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2010-08-16 10:44:00 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2010-08-16 10:44:00 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2010-08-16 10:44:00 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2010-08-16 10:44:00 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2010-08-16 10:44:00 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2010-08-16 10:44:00 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2010-08-16 10:44:00 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2010-08-16 10:44:00 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2010-08-16 10:44:00 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2010-08-16 10:44:00 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010-08-15 14:37:45 | 000,000,026 | ---- | C] () -- C:\Windows\CDE SX400EXPORT.ini [color=#E56717]========== LOP Check ==========[/color] [2012-04-01 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Alawar [2010-08-20 11:36:30 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Ashampoo [2011-04-26 14:35:19 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DeepBurner [2012-02-18 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DMCache [2011-12-25 15:43:05 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DVDVideoSoft [2011-12-25 15:42:38 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\DVDVideoSoftIEHelpers [2010-08-20 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\EPSON [2012-05-30 10:06:28 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\FreeFLVConverter [2011-06-27 18:12:46 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Gadu-Gadu 10 [2012-05-19 18:42:53 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\gtk-2.0 [2011-06-27 18:16:34 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\OpenFM [2010-08-16 11:34:40 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\OpenOffice.org [2012-05-03 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Program Files [2012-04-29 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Publish Providers [2012-01-09 22:57:48 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Recolored [2012-05-22 21:22:01 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\SoftGrid Client [2012-04-29 12:17:29 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Sony [2012-03-04 23:11:13 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\Stellarium [2010-08-19 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\TP [2012-03-22 10:29:20 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\uTorrent [2012-05-20 12:41:53 | 000,000,000 | ---D | M] -- C:\Users\Pablo\AppData\Roaming\XnView [2012-05-28 12:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job [2012-05-21 10:38:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:5CB1E0D3 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:553CA6CA < End of report > [/log]
Gość komentarz 31 maja 2012 komentarz 31 maja 2012 (edytowane) Uruchom OTL i w oknie Włąsne opcje skanowania/skrypt wklej: [code]:OTL IE - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\URLSearchHook: {096beb20-06a2-4fb4-ac16-ef911f37775b} - No CLSID value found O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-825864814-1420839680-3148799228-1000\..\Toolbar\WebBrowser: (no name) - {096BEB20-06A2-4FB4-AC16-EF911F37775B} - No CLSID value found. @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:5CB1E0D3 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:553CA6CA :Commands [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b] 2. Po usuwaniu uruchom OTL ponownie i kliknij [b]Sprzatanie.[/b] 3. Zaktualizuj Mozilla Firefox 9.0.1 (x86 pl) To wszystko.
Kapi komentarz 31 maja 2012 Autor komentarz 31 maja 2012 Zrobione. Mam nadzieję, że dobrze. A o co chodzi z tymi wszystkimi 'robótkami'? Co tam w tych logach było nie tak, że musiałem wykonywac te wszystkie polecenia? Dla mnie to czarna magia - zwłaszcza ten ostatni skrypt. Po co on był? Miałem w komputerze jakieś robale czy coś? Bo jak się domyślam, to FireFoix był problematyczny. Ja z niego w ogóle nie korzystam. Kiedyś był mi potrzebny, i tak sobie został. To jak to w końcu z tym moim komputerem jest albo było...? A w ogóle to już teraz dziękuję za okazaną pomoc. Jestem na prawde wdzięczny.
Gość komentarz 1 czerwca 2012 komentarz 1 czerwca 2012 [quote]A o co chodzi z tymi wszystkimi 'robótkami'? Co tam w tych logach było nie tak, że musiałem wykonywac te wszystkie polecenia?[/quote] Miałes trochę śmieci, które wpuściłeś sam w czasie nieuwaznej instalacji programów. Mam na mysli paski sponsoringowe do przegladarek. Było tez kilka starych kluczy rejestru, tzw martwe wpisy. [quote]Bo jak się domyślam, to FireFoix był problematyczny. Ja z niego w ogóle nie korzystam.[/quote] Skoro nie korzystasz z Firefoxa to go odinstaluj.
Kapi komentarz 1 czerwca 2012 Autor komentarz 1 czerwca 2012 Zawsze staram się uważać na to co instaluję.Zawsze wykonuję instalację zaawansowaną, i wybieram sobie składniki. Tylko że niektóre pliki (chyba własnie takie podstępne) wystarczy tylko kliknąć, a one raz dwa i już bez pytania zameldowane na komputerze. No ale najwyraźniej komuś udało się mnie przechytrzyć. A te martwe wpisy itd. to już sprzątałem CCleanerem, ale one to chyba na bieżąco powstają. Ten FireFox był mi potrzebny kiedyś do ściągnięcia dużej ilości plików, konkretnie skanów dokumentów zamieszczonych w bardzo niepraktyczny sposób na stronie www, i ktoś własnie mi podpowiedział sposób, w jaki można to przyspieszyć za pomoca FireFoxa. Nie wiem, czy jeszcze nie będzie mi potrzebny. Ale może masz rację. W razie potrzeby zainstaluję go sobie na nowo, a póki co nie ma sensu, aby mi tu mieszał. A wrócę jeszcze do tego skryptu, co to go wkleiłem do OTL. To tak miało być, że komputer się restartuje, i potem dopiero się uruchamia? Bo trochę się przestraszyłem, czy nie namiesza mi w systemie, a jeszcze po restarcie wyskoczyło okienko, że wydawca tego OTLa nieznany. Wykonywałem to z dusza na ramieniu. Bezpieczne to było?
Gość komentarz 1 czerwca 2012 komentarz 1 czerwca 2012 [quote]A wrócę jeszcze do tego skryptu, co to go wkleiłem do OTL. To tak miało być, że komputer się restartuje, i potem dopiero się uruchamia? Bo trochę się przestraszyłem, czy nie namiesza mi w systemie, a jeszcze po restarcie wyskoczyło okienko, że wydawca tego OTLa nieznany. Wykonywałem to z dusza na ramieniu. Bezpieczne to było? [/quote] Restart jest normalny po wykonaniu tego skryptu. Narzedzie jest bezpieczne. Niczym sie nie przejmuj. [quote] Ten FireFox był mi potrzebny kiedyś do ściągnięcia dużej ilości plików, konkretnie skanów dokumentów zamieszczonych w bardzo niepraktyczny sposób na stronie www, i ktoś własnie mi podpowiedział sposób, w jaki można to przyspieszyć za pomoca FireFoxa. Nie wiem, czy jeszcze nie będzie mi potrzebny. Ale może masz rację. [/quote] Firefox to bardzo dobra przegladarka. Ale jak wolisz korzystać z IE - twoja sprawa.
Kapi komentarz 1 czerwca 2012 Autor komentarz 1 czerwca 2012 No to wszystko very good. Będę się przysłuchiwać, czy nic już do mnie nie zagada z komputera. Bardzo dziękuję za szybką, konkretną i fachową pomoc. Jestem bardzo wdzięczny. Pozdrawiam serdecznie.
Gość komentarz 1 czerwca 2012 komentarz 1 czerwca 2012 [quote]Będę się przysłuchiwać, czy nic już do mnie nie zagada z komputera. [/quote] Na jakiej stronie to występuje? Na to masz zwrócić uwagę.
Kapi komentarz 1 czerwca 2012 Autor komentarz 1 czerwca 2012 Dwukrotnie wystąpiło na Onecie. Trzeci raz (czyli ten pierwszy) to już nie pamiętam. Nie wiem czy to przypadek bo na Onet wchodzę dość często więc duża szansa że przypadek. Od razu zacząlem przeszukiwać stronę, czy są tam jakieś gadające reklamy, ale nic kompletnie nie było. Żadnych reklam, skryptów, filmów itp. I tylko to 'congratulations' jakby z zaświatów.
Gość komentarz 2 czerwca 2012 komentarz 2 czerwca 2012 [quote]Dwukrotnie wystąpiło na Onecie. Trzeci raz (czyli ten pierwszy) to już nie pamiętam. Nie wiem czy to przypadek bo na Onet wchodzę dość często [/quote] Możliwe że na Onecie któraś z aplikacji na stronie gada. Kliknales przypadkowo na link i usłyszaleś głos. jak mowiłem w logach nic nie ma co mogłoby definiować problem.
Kapi komentarz 2 czerwca 2012 Autor komentarz 2 czerwca 2012 No własnie jest to o tyle dziwne, że często wchodzę na Onet, a ten głos odezwał się w ciągu miesiąca tylko 3 razy. Myślę, że jakby to pochodziło z Onetu, to byłoby bardziej powtarzalne. No ale mimo wszystko nie można tego wykluczyć, że to jednak Onet gada, choć mnie osobiście ciężko w to uwierzyć. To 'congratulations' brzmi trochę tak, jak gratulacje za jakąś zakończoną sukcesem operację. Dlatego mnie to zaniepokoiło, bo może mi się tam coś po kryjomu ściąga albo instaluje. Nigdy wcześniej tego nie było. A może jakiś program ma włączone automatyczne aktualizacje, i zaczął gratulować po ściągnięciu. W dwóch przypadkach nie pamiętam jak to było, ale ostatnim razem na pewno nie kliknąłem na żaden link, bo czytałem coś tam, i głos odezwał się samoczynnie. Zobaczymy, jak będzie teraz. W sumie nieważne co to jest. Ważne, że nie mam w systemie żadnych wirusów czy głupich dodatków szpiegujących. Jeszcze zrobię pełny skan Kasperskym i tylko będę obserwować, co się będzie działo.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.