Laptop wiesza się przy każdej możliwej okazji i lami

[komotolek]

Witam. jestem kobietą i potrzebuję trochę męskiej pomocy ;(
Zrobiłam wszystko oprócz gmera, jako że mój przeglądarka nie odpala żadnej stronki żeby ten program zainstalować. Zakładam, że mogą być wirusy, laptop chodzi bardzo wolno, wiesza się przy najprostszych działaniach i nie odpowiada przez jakiś czas, działa poprawnie przez 2 minuty po czym znów to samo.
Laptop ASUS F5, AMD Turion 64 Mobile MK 38, 2.21 GHz, 960 MB RAM

LOGI:

Kod: Zaznacz wszystko

OTL logfile created on: 2010-07-04 21:43:32 - Run 1
OTL by OldTimer - Version 3.2.7.1     Folder = C:\Documents and Settings\leszek kowalski\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 497,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,28 Gb Total Space | 13,33 Gb Free Space | 45,54% Space Free | Partition Type: FAT32
Drive D: | 42,86 Gb Total Space | 42,66 Gb Free Space | 99,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TWOJA-F464ED585
Current User Name: leszek kowalski
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-07-04 21:41:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leszek kowalski\Pulpit\OTL.exe
PRC - [2009-09-17 17:29:50 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-09-15 12:56:48 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-09-15 12:56:44 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-09-15 12:56:28 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-09-15 12:54:14 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-10-29 12:12:10 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006-11-16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-11-16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-10-14 11:43:32 | 000,069,632 | ---- | M] (ASUS) -- C:\WINDOWS\system32\ASUSTPE.exe
PRC - [2006-10-14 02:37:40 | 000,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006-09-19 13:20:18 | 001,101,824 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
PRC - [2006-08-10 07:08:04 | 002,379,776 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006-07-26 18:01:06 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
PRC - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006-07-04 15:09:28 | 000,336,001 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2006-06-29 14:40:52 | 000,774,144 | ---- | M] () -- C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
PRC - [2006-06-08 20:33:02 | 000,053,248 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2006-06-01 14:02:54 | 000,491,520 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
PRC - [2006-05-30 10:28:20 | 000,811,008 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2006-03-25 18:17:26 | 000,278,613 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2006-03-21 07:54:22 | 000,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2006-02-21 15:20:54 | 000,180,224 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2005-10-17 17:09:34 | 000,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005-07-06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\WINDOWS\system32\ACEngSvr.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-07-04 21:41:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leszek kowalski\Pulpit\OTL.exe
MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-05-17 16:39:26 | 000,028,672 | ---- | M] () -- C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009-09-15 12:56:44 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-09-15 12:56:28 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-09-15 12:54:14 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008-10-09 13:47:42 | 001,079,176 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2008-06-13 16:29:14 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006-07-25 18:03:44 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006-03-25 18:17:26 | 000,278,613 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-04 21:23:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:20 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 12:54:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 12:54:22 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-09-15 12:53:24 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-01-06 09:35:50 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2006-11-02 18:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-08-08 23:15:14 | 001,116,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2006-08-08 23:15:14 | 000,007,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2006-07-17 07:49:54 | 000,494,080 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006-07-10 07:22:02 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-07-10 07:21:58 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-06-18 08:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-06-10 00:07:28 | 000,027,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2006-06-02 14:27:18 | 000,034,944 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipswuio.sys -- (ipswuio)
DRV - [2006-05-25 04:40:58 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-04-26 19:48:00 | 003,659,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-03-21 08:04:24 | 000,889,472 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005-11-14 16:51:22 | 000,010,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2005-02-17 08:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-05-27 19:13:04 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\ATK0100\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/webhp?hl=pl&tab=iw
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-790008127-671981967-2051303983-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-08-28 09:25:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008-10-19 18:39:04 | 000,000,000 | ---D | M]

[2008-10-19 18:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Mozilla\Extensions
[2008-10-19 18:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Mozilla\Firefox\Profiles\pbzh0nwd.default\extensions
[2010-06-10 09:30:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Mozilla\Firefox\Profiles\pbzh0nwd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-29 15:42:30 | 000,000,000 | ---D | M] (BitComet Helper) -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Mozilla\Firefox\Profiles\pbzh0nwd.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2008-10-19 18:39:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-01-23 08:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-07-31 00:44:16 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-31 00:44:16 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-31 00:44:16 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-31 00:44:16 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-31 00:44:16 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-31 00:44:16 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-790008127-671981967-2051303983-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-790008127-671981967-2051303983-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-790008127-671981967-2051303983-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-790008127-671981967-2051303983-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe ()
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-790008127-671981967-2051303983-1005..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe (ASUS)
O4 - HKU\S-1-5-21-790008127-671981967-2051303983-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-790008127-671981967-2051303983-1005..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-790008127-671981967-2051303983-1005..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)
O4 - HKU\S-1-5-21-790008127-671981967-2051303983-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiFrame.lnk = C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.145.129.234 83.145.135.66
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\leszek kowalski\Dane aplikacji\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\leszek kowalski\Dane aplikacji\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-09-19 13:14:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{32bd70fc-0c02-11de-b811-001d606c1b6e}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-07-04 21:41:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\leszek kowalski\Pulpit\OTL.exe
[2010-07-04 21:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-07-04 21:23:10 | 000,880,624 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\leszek kowalski\Pulpit\SPTDinst-v162-x86.exe
[2010-06-30 18:36:10 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2010-06-11 20:13:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Moje obrazy
[2010-06-11 20:13:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-06-10 09:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2010-06-10 04:40:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010-06-08 06:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\leszek kowalski\Ustawienia lokalne\Dane aplikacji\Ahead
[2010-06-08 06:00:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Ahead
[2010-06-08 05:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2010-06-08 05:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010-06-08 05:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-06-08 05:55:16 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010-06-08 05:55:14 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-07-04 21:45:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4DEC455E-151E-4FAA-BC28-26E214AB7C8D}.job
[2010-07-04 21:41:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leszek kowalski\Pulpit\OTL.exe
[2010-07-04 21:37:30 | 000,002,000 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Pulpit\HiJackThis.lnk
[2010-07-04 21:37:10 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Pulpit\HiJackThis.msi
[2010-07-04 21:31:30 | 000,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-04 21:30:28 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010-07-04 21:30:12 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-04 21:30:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-04 21:30:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-04 21:29:50 | 1005,834,240 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-04 21:28:46 | 005,931,008 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\ntuser.dat
[2010-07-04 21:28:46 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\leszek kowalski\ntuser.ini
[2010-07-04 21:23:38 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-07-04 21:23:14 | 000,880,624 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\leszek kowalski\Pulpit\SPTDinst-v162-x86.exe
[2010-07-04 20:50:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-03 07:24:08 | 000,000,962 | -H-- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Picasa.ini
[2010-07-03 07:22:42 | 000,609,502 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\img151.jpg
[2010-07-03 07:21:32 | 000,624,718 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\img150.jpg
[2010-07-02 04:43:36 | 000,001,639 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-30 19:48:30 | 001,391,660 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Blake Jennifer - Bezwstydnica.pdf
[2010-06-30 19:48:12 | 005,708,525 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Basso Adrienne - Szlachetna przysięga.pdf
[2010-06-30 19:45:44 | 001,315,840 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Amanda Quick - Bestia.doc
[2010-06-24 16:59:12 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-06-24 04:57:18 | 001,425,974 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 04:57:18 | 000,658,230 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 04:57:18 | 000,562,826 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 04:57:18 | 000,132,378 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 04:57:18 | 000,098,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-18 12:17:18 | 000,000,189 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\default.pls
[2010-06-18 12:16:34 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-16 08:02:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-10 20:21:46 | 001,324,296 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Brandewyn_Rebecca_-_Klatwa_skarabeusza.pdf
[2010-06-10 09:31:44 | 000,000,555 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Pulpit\RegCleane.lnk
[2010-06-10 08:43:12 | 000,107,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-10 05:16:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-06-08 21:21:10 | 000,000,736 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010-06-08 06:01:14 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2010-06-08 06:01:14 | 000,002,215 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk
[2010-06-05 06:31:08 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Pulpit\WinXP Manager.lnk
[2010-06-05 06:30:34 | 000,021,536 | ---- | M] () -- C:\Documents and Settings\leszek kowalski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-04 21:37:29 | 000,002,000 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Pulpit\HiJackThis.lnk
[2010-07-04 21:37:05 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Pulpit\HiJackThis.msi
[2010-07-04 21:23:35 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-07-03 07:22:39 | 000,609,502 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\img151.jpg
[2010-07-03 07:21:29 | 000,624,718 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\img150.jpg
[2010-06-30 19:48:25 | 001,391,660 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Blake Jennifer - Bezwstydnica.pdf
[2010-06-30 19:48:10 | 005,708,525 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Basso Adrienne - Szlachetna przysięga.pdf
[2010-06-30 19:45:39 | 001,315,840 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Amanda Quick - Bestia.doc
[2010-06-18 12:17:16 | 000,000,189 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\default.pls
[2010-06-18 12:16:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-10 20:21:40 | 001,324,296 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Moje dokumenty\Brandewyn_Rebecca_-_Klatwa_skarabeusza.pdf
[2010-06-10 09:31:42 | 000,000,555 | ---- | C] () -- C:\Documents and Settings\leszek kowalski\Pulpit\RegCleane.lnk
[2010-06-08 06:01:12 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2010-06-08 06:01:12 | 000,002,215 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk
[2010-06-04 12:43:21 | 000,000,736 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009-09-09 18:47:00 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-12-25 13:38:59 | 000,003,378 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2008-10-04 10:32:35 | 000,000,024 | ---- | C] () -- C:\WINDOWS\ATKPF.ini
[2008-09-20 20:12:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008-09-20 20:12:04 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2008-09-19 13:51:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008-09-19 13:43:21 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\drivers\AW1012d.ini
[2008-09-19 13:42:33 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008-09-19 12:58:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-09-19 12:58:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-09-19 12:57:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-09-19 12:57:56 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-09-19 12:57:51 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008-09-19 12:52:23 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynSam.sys
[2008-09-19 12:52:23 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynScan.sys
[2008-09-19 12:52:18 | 000,498,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynPin.sys
[2008-09-19 12:52:17 | 001,116,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynMini.sys
[2008-09-19 12:52:17 | 000,028,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynCamd.sys
[2008-09-19 12:50:23 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004-11-24 07:38:18 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004-11-24 07:38:18 | 000,002,524 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[color=#E56717]========== LOP Check ==========[/color]

[2008-09-20 20:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2008-09-20 20:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2009-02-28 08:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-09-20 20:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\EPSON
[2008-09-25 19:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Gadu-Gadu
[2009-03-22 12:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\Leadertech
[2009-04-12 18:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2009-12-25 23:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\leszek kowalski\Dane aplikacji\BESTplayer
[2010-07-04 21:45:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4DEC455E-151E-4FAA-BC28-26E214AB7C8D}.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2010-07-04 21:43:32 - Run 1
OTL by OldTimer - Version 3.2.7.1     Folder = C:\Documents and Settings\leszek kowalski\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 497,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,28 Gb Total Space | 13,33 Gb Free Space | 45,54% Space Free | Partition Type: FAT32
Drive D: | 42,86 Gb Total Space | 42,66 Gb Free Space | 99,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TWOJA-F464ED585
Current User Name: leszek kowalski
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-790008127-671981967-2051303983-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\PROGRA~1\MICROS~2\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\PROGRA~1\MICROS~2\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"21873:TCP" = 21873:TCP:*:Enabled:BitComet 21873 TCP
"21873:UDP" = 21873:UDP:*:Enabled:BitComet 21873 UDP
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Program instalacyjny klienta Atheros
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}" = WinXP Manager
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89DDBCD4-B326-4545-9A05-26C7B16C1DEB}" = PowerForPhone
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F87DA817-8D53-42CC-AA45-93A100341045}" = Nero 7 Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"avast!" = avast! Antivirus
"BitComet" = BitComet 0.99
"CX4300_5500_DX4400 Podręcznik" = CX4300_5500_DX4400 Podręcznik
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"Gadu-Gadu" = Gadu-Gadu 7.7
"Google Chrome" = Google Chrome
"Google Updater" = Aktualizator Google
"HControl" = ATK0100 ACPI UTILITY
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.83
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Spyware Doctor" = Spyware Doctor 6.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"VLC media player" = VLC media player 1.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"yBook_is1" = yBook

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-11-15 11:06:24 | Computer Name = TWOJA-F464ED585 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://nasza-klasa.pl/friends_list/3207664/1/459/1258279488?t=4b09534cfe1ed3cb940e3666
failed, 0000A413. 

[ Application Events ]
Error - 2010-06-22 11:49:49 | Computer Name = TWOJA-F464ED585 | Source = swg | ID = 1
Description =

Error - 2010-06-23 11:58:58 | Computer Name = TWOJA-F464ED585 | Source = swg | ID = 1
Description =

Error - 2010-06-23 12:20:17 | Computer Name = TWOJA-F464ED585 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-06-24 12:45:15 | Computer Name = TWOJA-F464ED585 | Source = swg | ID = 1
Description =

Error - 2010-06-26 16:53:29 | Computer Name = TWOJA-F464ED585 | Source = Google Update | ID = 20
Description =

Error - 2010-06-27 02:50:25 | Computer Name = TWOJA-F464ED585 | Source = Google Update | ID = 20
Description =

Error - 2010-07-01 09:45:21 | Computer Name = TWOJA-F464ED585 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-07-01 09:45:26 | Computer Name = TWOJA-F464ED585 | Source = Application Hang | ID = 1001
Description = Pakiet błędów 1180947459.

Error - 2010-07-04 14:58:48 | Computer Name = TWOJA-F464ED585 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Picasa3.exe, wersja 3.6.105.41, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-07-04 15:00:18 | Computer Name = TWOJA-F464ED585 | Source = Application Hang | ID = 1001
Description = Pakiet błędów 1727874982.

[ System Events ]
Error - 2010-07-04 15:31:46 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:31:48 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:31:51 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:32 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:34 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:36 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:39 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:43 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:45 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2010-07-04 15:37:48 | Computer Name = TWOJA-F464ED585 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.


< End of report >



Dodano Dzisiaj, 22:08:
i jeszcze link na wklejce do HiJackThis:

http://wklej.org/id/360358/

[NieWiem]

Podobno jestem mężczyzną

Nie rozumiem, nie wchodzi Ci strona z Gmerem czy jak?

Bo ten raport będzie tutaj niezbędny.

[komotolek]

strona z gmerem nie wchodzi, pokazuje "nie można wyświetlić strony", próbowałam z różnych lokalizacji i nie mogę się do niego dostać ;(

a w tym co podałam nie da się nic znaleźć?

[NieWiem]

Gmer skanuje komputer pod zupełnie innym kątem, pod którym nie skanuje OTL.

Zajrzyj za 7 minut, będzie dla Ciebie "prezent-niespodzianka"

EDIT::
Nawet szybciej się udało. Proszę, tutaj masz Gmera ode mnie w prezencie:
KLIK

[komotolek]

tevxid3r.exe ????

[NieWiem]

Tak, tak jest zapisany. Uruchom go i wykonaj z niego raport.

[komotolek]

Kod: Zaznacz wszystko

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-04 22:42:01
Windows 5.1.2600 Dodatek Service Pack 3
Running: tevxid3r.exe; Driver: C:\DOCUME~1\LESZEK~1\USTAWI~1\Temp\kwgcypob.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwClose [0xF43516B8]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwCreateKey [0xF4351574]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwDeleteValueKey [0xF4351A52]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwDuplicateObject [0xF435114C]
SSDT            spll.sys                                                                                                      ZwEnumerateKey [0xF7361DA4]
SSDT            spll.sys                                                                                                      ZwEnumerateValueKey [0xF7362132]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenKey [0xF435164E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenProcess [0xF435108C]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenThread [0xF43510F0]
SSDT            spll.sys                                                                                                      ZwQueryKey [0xF736220A]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwQueryValueKey [0xF435176E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwRestoreKey [0xF435172E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwSetValueKey [0xF43518AE]

INT 0x82        ?                                                                                                             8596EBF8
INT 0x83        ?                                                                                                             8596EBF8
INT 0x83        ?                                                                                                             8596EBF8
INT 0x83        ?                                                                                                             857B5F00
INT 0x83        ?                                                                                                             8596EBF8

---- Kernel code sections - GMER 1.0.15 ----

?               spll.sys                                                                                                      Nie można odnaleźć określonego pliku. !
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                      section is writeable [0xF6E2C360, 0x2217AD, 0xE8000020]
.text           USBPORT.SYS!DllUnload                                                                                         F6DB48AC 3 Bytes  JMP 857B54E0
.text           USBPORT.SYS!DllUnload + 4                                                                                     F6DB48B0 1 Byte  [8E]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                            [F734A042] spll.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                    [F734A13E] spll.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                           [F734A0C0] spll.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                   [F734A800] spll.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                           [F734A6D6] spll.sys
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                            [F7359B90] spll.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\WINDOWS\system32\services.exe[716] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]  003E0002
IAT             C:\WINDOWS\system32\services.exe[716] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW]        003E0000

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                        846A91F8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                        aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device          \FileSystem\Fastfat \FatCdrom                                                                                 8596D1F8

AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                      aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                       SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                                       SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device          \Driver\usbohci \Device\USBPDO-0                                                                              857B81F8
Device          \Driver\usbehci \Device\USBPDO-1                                                                              8574F500

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                     aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                        859DB1F8
Device          \Driver\Cdrom \Device\CdRom0                                                                                  85769500
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                        859DB1F8
Device          \Driver\Ftdisk \Device\HarddiskVolume3                                                                        859DB1F8
Device          \Driver\atapi \Device\Ide\IdePort0                                                                            [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5                                                                   [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1                                                                            [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort2                                                                            [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort3                                                                            [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12                                                                  [F72C2B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                       8471E1F8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                              8471E1F8

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                     aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                   aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device          \Driver\usbohci \Device\USBFDO-0                                                                              857B81F8
Device          \Driver\usbehci \Device\USBFDO-1                                                                              8574F500
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                             846AC1F8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                   846AC1F8
Device          \Driver\Ftdisk \Device\FtControl                                                                              859DB1F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{5B802830-2251-4164-BECB-8AE7646C5E3E}                                      8471E1F8
Device          \FileSystem\Fastfat \Fat                                                                                      8596D1F8

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                      fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                      aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device          \FileSystem\Cdfs \Cdfs                                                                                        846BE1F8

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                            771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                            285507792

---- EOF - GMER 1.0.15 ----



[NieWiem]

To jest

Rootkit quick scan

Ja potrzebuję cały skan i nie ma, że boli...

[komotolek]

Ja potrzebuję cały skan i nie ma, że boli...

coś źle skopiowałam chyba... teraz lepiej??

[NieWiem]

Dużo lepiej.


= = = = = C O M B O F I X = = = = =

Zamknij wszystko nad czym aktualnie pracujesz, także wyłącz swój program antywirusowy, zaporę, programy antyspyware. To ważne. Jak to zrobić, opisane tutaj.
Pamiętaj także o wyinstalowaniu wirtualnych napędów i usunięciu ich sterownika: klik

Pobierz ComboFixa od sUBs'a:
stąd lub stąd

ZANIM UŻYJESZ - Przeczytaj dokładnie jego instrukcję:
http://www.bleepingcomputer.com/combofix/pl/instrukcja-uzycia-combofix

Zalecam instalowanie Konsoli Odzyskiwania (XP, 2000), lub zaopatrzenie się w płytę WinRE (Vista, Se7en). Mimo wszystko ComboFix nie jest doskonały.

Przeklej na forum wyniki pracy narzędzia. Będą automatycznie otwarte w notatniku, znajdziesz je także w pliku C:\ComboFix.txt

[komotolek]

zrobiłam zgodnie z tym co tam napisane (niestety mam avasta) i pomimo zatrzymania tej ochrony Combofix i tak mi krzyczy że avast jest wciąż włączony. co robić? odpalać fixa czy jakoś inaczej jeszcze wyłączyć avasta?

[NieWiem]

Czy wyłączyłaś wszystkie opcje w Avaście? Tam trzeba Prawoklik i wyłączyć wszystko po kolei, jest chyba z 6 czy 7 tych opcji...

[komotolek]

zrobiłam "zatrzymaj..." i pokazało że nastąpiło zatrzymanie tych wszystkich 7 procesów
... i pokazuje "liczba dostawców 7, uruchomionych 0

[NieWiem]

Tp puść ComboFixa, niech leci. Wklej raport.

[komotolek]

Kod: Zaznacz wszystko

ComboFix 10-07-04.01 - leszek kowalski 2010-07-04  23:16:22.1.1 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.959.540 [GMT 2:00]
Uruchomiony z: c:\documents and settings\leszek kowalski\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 100704-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

(((((((((((((((((((((((((   Pliki utworzone od 2010-06-04 do 2010-07-04  )))))))))))))))))))))))))))))))
.

2010-07-04 19:37 . 2010-07-04 19:37   388096   ----a-r-   c:\documents and settings\leszek kowalski\Dane aplikacji\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-04 19:37 . 2010-07-04 19:37   --------   d-----w-   c:\program files\Trend Micro
2010-06-30 16:36 . 2010-06-30 16:36   --------   d-----w-   C:\FOUND.000
2010-06-10 07:31 . 2010-06-10 07:31   --------   d-----w-   c:\program files\RegCleaner
2010-06-10 02:40 . 2010-05-06 10:35   743424   ------w-   c:\windows\system32\dllcache\iedvtool.dll
2010-06-08 04:04 . 2010-06-08 04:04   --------   d-----w-   c:\documents and settings\leszek kowalski\Ustawienia lokalne\Dane aplikacji\Ahead
2010-06-08 04:00 . 2010-06-08 04:00   --------   d-----w-   c:\documents and settings\leszek kowalski\Dane aplikacji\Ahead
2010-06-08 03:55 . 2010-06-08 03:55   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Nero
2010-06-08 03:55 . 2010-06-08 03:55   --------   d-----w-   c:\program files\Nero
2010-06-08 03:55 . 2010-06-08 03:55   --------   d-----w-   c:\program files\Common Files\Ahead

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-24 02:57 . 2004-11-24 05:37   658230   ----a-w-   c:\windows\system32\perfh015.dat
2010-06-24 02:57 . 2004-11-24 05:37   132378   ----a-w-   c:\windows\system32\perfc015.dat
2010-06-05 04:30 . 2008-09-19 15:14   21536   ----a-w-   c:\documents and settings\leszek kowalski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-06-04 11:17 . 2010-06-04 11:17   --------   d-----w-   c:\program files\VS Revo Group
2010-05-06 10:35 . 2004-11-24 05:37   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-02 08:10 . 2004-11-24 05:37   1851520   ----a-w-   c:\windows\system32\win32k.sys
2010-04-20 05:34 . 2004-11-24 05:37   285696   ----a-w-   c:\windows\system32\atmfd.dll
.

------- Sigcheck -------

[7] 2004-08-04 . CBFA30492D70CE3938D8A7783D0C0436 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

c:\windows\System32\ctfmon.exe ...  - brak elementu !!
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-10-14 69632]
"Net4Switch"="c:\program files\ASUS\Net4Switch\Net4Switch.exe" [2006-09-19 1101824]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-29 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-26 7561216]
"nwiz"="nwiz.exe" [2006-04-26 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-26 86016]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-03-21 544768]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 180224]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\ASUS\PowerForPhone\PowerForPhone.exe" [2006-06-29 774144]
"ACU"="c:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
MultiFrame.lnk - c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe [2008-9-19 491520]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 21:46   57344   ----a-w-   c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 01:43   69632   ----a-w-   c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
2007-03-01 06:01   180736   ----a-w-   c:\windows\system32\spool\drivers\w32x86\3\E_FATICAE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
2008-03-20 10:04   2127296   ----a-w-   c:\program files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 17:21   1695232   ----a-w-   c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-10-31 17:42   32768   ----a-w-   c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-10-30 02:49   16269312   ----a-w-   c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 01:04   2879488   ----a-w-   c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-08-28 07:18   149280   ----a-w-   c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21873:TCP"= 21873:TCP:BitComet 21873 TCP
"21873:UDP"= 21873:UDP:BitComet 21873 UDP

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-09-27 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-09-27 20560]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [2008-09-19 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [2008-09-19 7808]
S2 gupdate1c98f57664050ac;Usługa Google Update (gupdate1c98f57664050ac);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [2008-09-19 34944]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-28 356920]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
Zawartość folderu 'Zaplanowane zadania'

2010-07-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-19 13:49]

2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 09:22]

2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 09:22]

2010-07-04 c:\windows\Tasks\User_Feed_Synchronization-{4DEC455E-151E-4FAA-BC28-26E214AB7C8D}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/webhp?hl=pl&tab=iw
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\leszek kowalski\Dane aplikacji\Mozilla\Firefox\Profiles\pbzh0nwd.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -

MSConfigStartUp-CTFMON - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-04 23:19
Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(3736)
c:\windows\system32\WININET.dll
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2010-07-04  23:21:04
ComboFix-quarantined-files.txt  2010-07-04 21:21

Przed: 14 227 718 144 bajtów wolnych
Po: 14 821 326 848 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 00C411D09E6AD9A3F599C8584C61571B


[NieWiem]

Cudownie. Mamy tutaj "wielkie nic"


= = = = = M A L W A R E B Y T E S ' = = = = =

Pobierz i zainstaluj MBAM:
mirror do pobrania

Podczas instalacji zaznaczone mają być opcje:

• Update Malwarebytes' Anti-Malware
• Launch Malwarebytes' Anti-Malware

Wykonaj pełne skanowanie i pokaż raport.

[komotolek]

a może tam po prostu nic nie ma? komputer był niedawno oddany w ręce specjalisty, ale znów zaczął wariować. czy jest możliwe, że na przykład usługa asus update powoduje jakieś drastyczne spowolnienia? lub tego typu programy?

[NieWiem]

Oczywiście że to jest możliwe. Nie wszystkie zachowania komputera leżą zawsze po stronie wirusów/malware.

[komotolek]

no i wlaśnie dlatego chciałam żeby przejrzeć teżlogi z HiJacka... może jest problem z ilością plików załadowanych ze startem systemu?
(Malware się robi, jak skończy to dorzucę loga:)


....25 minut skanowania i nic... ile to może potrwać?!?!

Dodano Dzisiaj, 10:09:

Kod: Zaznacz wszystko

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4275

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-07-05 10:06:42
mbam-log-2010-07-05 (10-06-42).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 172155
Upłynęło: 29 minut(y), 3 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)


Dodano Dzisiaj, 10:09:
i tutaj teżnic z tego co pokazał program

[NieWiem]

Dokładnie nic. Więc zostaje szukać przyczyny raczej w Windowsie albo w sprzęcie.