Pendrive skróty

[borsuk444]

guglmail

[ordynat]

pisaliśmy jednocześnie - zajrzyj do mojego poprzedniego postu.

.

[borsuk444]

Narazie dobrze. Dla innych pendrivów pozmieniać tylko nazwy plików?

[ordynat]

jeśli potrafisz, to możesz tak zrobić.
oczywiście literkę pendrive'a też zmień, na taką, pod jaką będzie widziany

[borsuk444]

Po kilku podłączeniach pendriva z powrotem tworzą się skróty po ponownym uruchomieniu fixa skróty znikają i pojawiają się foldery. I potem znów tworzą się skróty. Co robić?

[ordynat]

może to na komputerze masz infekcję, a nie na penach?
Daj log z OTL >http://forum.programosy.pl/otl-dds-combofix-vt117885.html

.

[borsuk444]

OTL

Spoiler:

OTL logfile created on: 2011-12-04 20:51:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\KrzysiekG\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

479,48 Mb Total Physical Memory | 115,68 Mb Available Physical Memory | 24,13% Memory free
1,10 Gb Paging File | 0,76 Gb Available in Paging File | 69,67% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 21,81 Gb Free Space | 55,85% Space Free | Partition Type: NTFS
Drive D: | 35,46 Gb Total Space | 35,39 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive G: | 7,66 Gb Total Space | 0,08 Gb Free Space | 1,02% Space Free | Partition Type: FAT32

Computer Name: KRZYSIEK | User Name: KrzysiekG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-12-04 20:45:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KrzysiekG\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-12-04 20:38:59 | 000,246,784 | ---- | M] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe
PRC - [2011-11-15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-12-21 11:53:40 | 001,483,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-11-16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010-11-04 17:15:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010-05-14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-11-03 23:02:20 | 000,963,584 | ---- | M] (QuestPRO Software) -- C:\Program Files\MSNET_Działdowo\KDLink32.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-29 16:12:06 | 000,364,544 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\TWCU.exe
PRC - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe


========== Modules (No Company Name) ==========

MOD - [2011-11-15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011-11-15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011-11-15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011-11-15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011-11-15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011-11-15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2009-06-14 11:07:00 | 003,566,592 | ---- | M] () -- C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2008-08-12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008-07-29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008-07-29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008-07-29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008-07-29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008-07-29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006-03-29 16:12:06 | 000,364,544 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\TWCU.exe
MOD - [2006-03-21 09:52:30 | 000,249,856 | ---- | M] () -- C:\WINDOWS\system32\wgapi.dll
MOD - [2006-01-20 08:50:52 | 000,094,208 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\oemres.dll
MOD - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-02-05 21:20:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-11-04 17:18:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-29 23:00:18 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2011-01-29 20:50:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-08-04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-08-03 12:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-07-30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-05-05 09:58:00 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2005-12-21 10:16:34 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005-07-02 06:35:40 | 000,016,896 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GMFILTR.SYS -- (genmcmn)
DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2004-03-02 14:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2004-03-02 14:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-03-11 18:57:00 | 000,043,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.25

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-01-29 17:38:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-29 10:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-13 09:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-28 22:38:51 | 000,000,000 | ---D | M]

[2011-01-29 10:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Extensions
[2011-02-13 19:00:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Firefox\Profiles\p3peiffz.default\extensions
[2011-02-13 19:00:57 | 000,000,000 | ---D | M] (PsicoTSI) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Firefox\Profiles\p3peiffz.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2011-02-13 19:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-01-29 18:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-29 23:01:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-01-29 18:47:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-01-29 17:38:56 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [mouseElf] C:\Program Files\Ergo Mouse\MouseElf.exe ()
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TWCU\TWCU.exe ()
O4 - HKLM..\Run: [VTPreset] C:\WINDOWS\System32\VTPreset.exe (S3 Graphics, Inc.)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [Dimsmv] C:\Documents and Settings\KrzysiekG\Dane aplikacji\Dimsmv.exe File not found
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [Qhmsmi] C:\Documents and Settings\KrzysiekG\Dane aplikacji\Qhmsmi.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MSNET_Działdowo.lnk = C:\Program Files\MSNET_Działdowo\KDLink32.exe (QuestPRO Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60817BCF-229F-4019-8847-01BE5817AD14}: NameServer = 10.1.0.2 88.199.86.67
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-01-28 21:11:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 18:11:22 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 18:11:22 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 20:33:14 | 000,014,137 | ---- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-12-04 20:38:59 | 000,246,784 | ---- | C] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe
[2011-12-04 20:29:01 | 000,246,784 | ---- | C] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11F9.exe
[2011-12-04 18:11:22 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-12-04 17:35:49 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-01-29 20:16:15 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2011-01-29 20:16:15 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp files -> C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-12-04 20:39:38 | 000,242,896 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\27.exe
[2011-12-04 20:38:59 | 000,246,784 | ---- | M] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe
[2011-12-04 20:38:12 | 000,001,148 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1715567821-682003330-1003UA.job
[2011-12-04 20:34:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-12-04 20:34:27 | 502,845,440 | -HS- | M] () -- C:\hiberfil.sys
[2011-12-04 20:29:41 | 000,374,665 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11FB.exe
[2011-12-04 20:29:01 | 000,246,784 | ---- | M] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11F9.exe
[2011-12-04 20:17:18 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\FIX.BAT
[2011-12-04 20:03:46 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-04 18:37:41 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\ph.bmp
[2011-12-04 18:34:48 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\pg.bmp
[2011-12-04 18:21:47 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\bez tytułu.bmp
[2011-12-04 18:11:23 | 000,005,425 | ---- | M] () -- C:\UsbFix_Upload_Me_KRZYSIEK.zip
[2011-12-04 17:54:28 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\Google Chrome.lnk
[2011-12-04 17:38:01 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1715567821-682003330-1003Core.job
[2011-12-04 17:30:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp files -> C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-12-04 20:39:38 | 000,242,896 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\27.exe
[2011-12-04 20:29:41 | 000,374,665 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11FB.exe
[2011-12-04 20:10:02 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\FIX.BAT
[2011-12-04 18:37:41 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\ph.bmp
[2011-12-04 18:34:48 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\pg.bmp
[2011-12-04 18:21:45 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\bez tytułu.bmp
[2011-12-04 17:41:44 | 000,005,425 | ---- | C] () -- C:\UsbFix_Upload_Me_KRZYSIEK.zip
[2011-01-29 22:16:16 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-29 14:03:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-01-29 11:32:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll
[2011-01-29 11:32:36 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidUsbF.sys
[2011-01-29 11:32:36 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2011-01-29 10:23:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-01-29 10:08:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2011-01-29 10:08:08 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2011-01-29 10:08:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2011-01-28 21:59:27 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-01-28 21:57:44 | 000,348,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-01-28 21:42:07 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011-01-28 21:42:07 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011-01-28 21:42:07 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011-01-28 21:42:07 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011-01-28 21:42:07 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011-01-28 21:42:07 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011-01-28 21:42:07 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011-01-28 21:42:07 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011-01-28 21:42:07 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011-01-28 21:42:07 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011-01-28 21:42:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011-01-28 21:42:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011-01-28 21:42:07 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011-01-28 21:42:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011-01-28 21:42:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011-01-28 21:42:07 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011-01-28 21:42:07 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011-01-28 21:42:07 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011-01-28 21:42:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011-01-28 21:39:57 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2011-01-28 21:18:41 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2011-01-28 21:17:50 | 000,002,974 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011-01-28 21:17:49 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011-01-28 21:12:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-01-28 21:07:06 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004-08-04 01:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-03 23:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004-08-02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-10-26 19:15:16 | 000,461,370 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,080,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,404,104 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,063,324 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 01:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011-02-05 21:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2011-01-29 20:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-01-28 21:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2011-01-28 22:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-01-29 17:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2011-01-29 14:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-01-29 17:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-01-28 21:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2011-02-05 21:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Autodesk
[2011-01-30 09:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\DAEMON Tools Lite
[2011-01-30 16:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\DMCache
[2011-01-28 23:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Easeware
[2011-01-30 16:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\IDM
[2011-02-04 19:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\ipla
[2011-01-29 19:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Nokia
[2011-01-29 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\PC Suite
[2011-01-29 14:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\RDRM
[2011-02-05 13:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Sports Interactive
[2011-07-09 12:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\uTorrent
[2011-01-28 22:35:44 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job

========== Purity Check ==========



< End of report >

EXTRAS

Spoiler:

OTL Extras logfile created on: 2011-12-04 20:51:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\KrzysiekG\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

479,48 Mb Total Physical Memory | 115,68 Mb Available Physical Memory | 24,13% Memory free
1,10 Gb Paging File | 0,76 Gb Available in Paging File | 69,67% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 21,81 Gb Free Space | 55,85% Space Free | Partition Type: NTFS
Drive D: | 35,46 Gb Total Space | 35,39 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive G: | 7,66 Gb Total Space | 0,08 Gb Free Space | 1,02% Space Free | Partition Type: FAT32

Computer Name: KRZYSIEK | User Name: KrzysiekG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{121C822F-7DBA-4A54-AC12-0EE12B273495}" = ESET NOD32 Antivirus
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = TP-LINK Client Installation Program
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4837718C-5B6E-4496-B283-FFFB5A937825}" = ABBYY PDF Transformer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-6001-0415-0002-0060B0CE6BBA}" = AutoCAD 2008 - Polski
"{5AF71003-1797-4D93-9F37-4F2125CBF539}" = Microsoft .NET Framework 2.0 Language Pack - PLK
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.2 - Polish
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Pakiet sterowników systemu Windows - Nokia Modem (10/07/2010 4.6)
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD 2008 - Polski" = AutoCAD 2008 - Polski
"b04bc1b28d83938284266021d61afad2308463113" = Football Manager 2007
"CCleaner" = CCleaner
"CX4300_5500_DX4400 Podręcznik" = CX4300_5500_DX4400 Podręcznik
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-1
"divxh264_is1" = DivX H.264 decoder 8.2.0.26
"DriverAgent.exe" = DriverAgent by eSupport.com
"DriverEasy_is1" = DriverEasy 2.6.1
"E5372C32E8562C76C24DBA6525002B1031495F34" = Pakiet sterowników systemu Windows - Nokia Modem (06/09/2010 7.01.0.
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON
"EPSON Scanner" = EPSON Scan
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FormatFactory" = FormatFactory 2.60
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"ipla" = ipla 2.2.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"KYE" = Ergo Mouse
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - PLK" = Microsoft .NET Framework 2.0 — pakiet języka polskiego
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSNET_Działdowo" = MSNET_Działdowo 1.26
"Nokia PC Suite" = Nokia PC Suite
"P4M266" = ProSavageDDR and Utilities
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"Usbfix" = UsbFix By El Desaparecido
"uTorrent" = µTorrent
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"VLC media player" = VLC media player 1.1.6
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"XP Codec Pack" = XP Codec Pack

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-01-30 04:43:02 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Setup.exe, wersja 17.1.51.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-01-30 04:43:02 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Setup.exe, wersja 17.1.51.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-01-30 04:43:02 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Setup.exe, wersja 17.1.51.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-02-05 15:19:39 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-02-05 15:19:59 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x0000100b.

Error - 2011-02-05 16:12:24 | Computer Name = KRZYSIEK | Source = MsiInstaller | ID = 11931
Description = Product: MSXML 6.0 Parser -- Error 1931. The Windows Installer service
cannot update the system file C:\WINDOWS\system32\msxml6r.dll because the file
is protected by Windows. You may need to update your operating system for this
program to work correctly. Package version: 6.0.3883.0, OS Protected version: 6.0.3883.0

Error - 2011-02-06 06:30:02 | Computer Name = KRZYSIEK | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6425.1000, P3
mso.dll, P4 12.0.6425.1000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 2011-02-06 06:39:04 | Computer Name = KRZYSIEK | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6425.1000, P3
wwlib.dll, P4 12.0.6425.1000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 2011-02-14 17:23:26 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca WINWORD.EXE, wersja 12.0.6425.1000, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-12-04 15:33:19 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00011d8f.

[ System Events ]
Error - 2011-02-14 04:54:26 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-14 04:54:26 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 15 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-14 11:54:18 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-14 11:54:18 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-14 11:54:27 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-14 11:54:27 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-14 19:13:43 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-14 19:13:43 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-14 19:13:43 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-14 19:13:43 | Computer Name = KRZYSIEK | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.


< End of report >

[ordynat]

Infekcja jest, ale to nie wugląda na infekcję "skrótową".
Masz Service Pack 3, więc infekcja "skrótowa" nie może się dostać do komputera z internetu - może tylko z pendrive'a.

Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [Dimsmv] C:\Documents and Settings\KrzysiekG\Dane aplikacji\Dimsmv.exe File not found
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [Qhmsmi] C:\Documents and Settings\KrzysiekG\Dane aplikacji\Qhmsmi.exe File not found
[2011-12-04 20:38:59 | 000,246,784 | ---- | C] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe
[2011-12-04 20:29:01 | 000,246,784 | ---- | C] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11F9.exe
[2011-12-04 20:39:38 | 000,242,896 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\27.exe
[2011-12-04 20:38:59 | 000,246,784 | ---- | M] (suppressor peashooters) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe
[2011-12-04 20:29:41 | 000,374,665 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\11FB.exe

:Commands
[emptyflash]
[emptytemp]

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania.

Użyj > MBAM
Na końcu kliknij na Usuń zaznaczone.
Podaj z tego raport.



dziś już mnie nie będzie na Forum - zajrzę tu jutro.

.
.

[borsuk444]

Spoiler:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2000478354-1715567821-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Dimsmv deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2000478354-1715567821-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Qhmsmi deleted successfully.
C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe moved successfully.
C:\Documents and Settings\KrzysiekG\Dane aplikacji\11F9.exe moved successfully.
C:\Documents and Settings\KrzysiekG\Dane aplikacji\27.exe moved successfully.
File C:\Documents and Settings\KrzysiekG\Dane aplikacji\22.exe not found.
C:\Documents and Settings\KrzysiekG\Dane aplikacji\11FB.exe moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User

User: KrzysiekG
->Flash cache emptied: 94929 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: KrzysiekG
->Temp folder emptied: 154442346 bytes
->Temporary Internet Files folder emptied: 5386756 bytes
->Java cache emptied: 111113501 bytes
->FireFox cache emptied: 57848730 bytes
->Google Chrome cache emptied: 45026036 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 371492 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 589 bytes

Total Files Cleaned = 359,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12042011_211445

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Spoiler:

OTL logfile created on: 2011-12-04 21:18:48 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\KrzysiekG\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

479,48 Mb Total Physical Memory | 207,97 Mb Available Physical Memory | 43,37% Memory free
1,10 Gb Paging File | 0,92 Gb Available in Paging File | 84,36% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 22,14 Gb Free Space | 56,68% Space Free | Partition Type: NTFS
Drive D: | 35,46 Gb Total Space | 35,39 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive G: | 7,66 Gb Total Space | 0,08 Gb Free Space | 1,02% Space Free | Partition Type: FAT32

Computer Name: KRZYSIEK | User Name: KrzysiekG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-12-04 20:45:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KrzysiekG\Moje dokumenty\Downloads\OTL.exe
PRC - [2010-12-21 11:53:40 | 001,483,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-11-16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010-11-04 17:15:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-11-03 23:02:20 | 000,963,584 | ---- | M] (QuestPRO Software) -- C:\Program Files\MSNET_Działdowo\KDLink32.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-29 16:12:06 | 000,364,544 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\TWCU.exe
PRC - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe


========== Modules (No Company Name) ==========

MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2008-08-12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008-07-29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008-07-29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008-07-29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008-07-29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008-07-29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2006-03-29 16:12:06 | 000,364,544 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\TWCU.exe
MOD - [2006-03-21 09:52:30 | 000,249,856 | ---- | M] () -- C:\WINDOWS\system32\wgapi.dll
MOD - [2006-01-20 08:50:52 | 000,094,208 | ---- | M] () -- C:\Program Files\TP-LINK\TWCU\oemres.dll
MOD - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-02-05 21:20:47 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-11-04 17:18:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2005-12-30 08:15:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-29 23:00:18 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2011-01-29 20:50:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-08-04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-08-03 12:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-07-30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-05-05 09:58:00 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2005-12-21 10:16:34 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005-07-02 06:35:40 | 000,016,896 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GMFILTR.SYS -- (genmcmn)
DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2004-03-02 14:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2004-03-02 14:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-03-11 18:57:00 | 000,043,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.25

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-01-29 17:38:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-29 10:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-13 09:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-28 22:38:51 | 000,000,000 | ---D | M]

[2011-01-29 10:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Extensions
[2011-02-13 19:00:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Firefox\Profiles\p3peiffz.default\extensions
[2011-02-13 19:00:57 | 000,000,000 | ---D | M] (PsicoTSI) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Mozilla\Firefox\Profiles\p3peiffz.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2011-02-13 19:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-01-29 18:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-29 23:01:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-01-29 18:47:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-01-29 17:38:56 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [mouseElf] C:\Program Files\Ergo Mouse\MouseElf.exe ()
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TWCU\TWCU.exe ()
O4 - HKLM..\Run: [VTPreset] C:\WINDOWS\System32\VTPreset.exe (S3 Graphics, Inc.)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MSNET_Działdowo.lnk = C:\Program Files\MSNET_Działdowo\KDLink32.exe (QuestPRO Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2000478354-1715567821-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60817BCF-229F-4019-8847-01BE5817AD14}: NameServer = 10.1.0.2 88.199.86.67
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-01-28 21:11:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 18:11:22 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 18:11:22 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-12-04 20:33:14 | 000,014,137 | ---- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-12-04 21:14:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-12-04 21:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\PickaVamMaterina2
[2011-12-04 21:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KrzysiekG\Start Menu
[2011-12-04 21:11:43 | 000,177,152 | ---- | C] (fico sondo) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Qhmsmi.exe
[2011-12-04 18:11:22 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-12-04 17:35:49 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-01-29 20:16:15 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2011-01-29 20:16:15 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp files -> C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-12-04 21:16:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-12-04 21:16:33 | 502,845,440 | -HS- | M] () -- C:\hiberfil.sys
[2011-12-04 21:15:00 | 000,461,370 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-12-04 21:14:59 | 000,404,104 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-12-04 21:14:59 | 000,080,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-12-04 21:14:59 | 000,063,324 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-12-04 21:12:00 | 000,587,361 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\35E.exe
[2011-12-04 21:11:43 | 000,177,152 | ---- | M] (fico sondo) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Qhmsmi.exe
[2011-12-04 21:00:51 | 000,368,873 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\72.exe
[2011-12-04 20:38:12 | 000,001,148 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1715567821-682003330-1003UA.job
[2011-12-04 20:17:18 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\FIX.BAT
[2011-12-04 20:03:46 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-04 18:37:41 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\ph.bmp
[2011-12-04 18:34:48 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\pg.bmp
[2011-12-04 18:21:47 | 003,561,766 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\bez tytułu.bmp
[2011-12-04 18:11:23 | 000,005,425 | ---- | M] () -- C:\UsbFix_Upload_Me_KRZYSIEK.zip
[2011-12-04 17:54:28 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\KrzysiekG\Pulpit\Google Chrome.lnk
[2011-12-04 17:38:01 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1715567821-682003330-1003Core.job
[2011-12-04 17:30:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp files -> C:\Documents and Settings\KrzysiekG\Pulpit\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-12-04 21:11:59 | 000,587,361 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\35E.exe
[2011-12-04 21:00:51 | 000,368,873 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\72.exe
[2011-12-04 20:10:02 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\FIX.BAT
[2011-12-04 18:37:41 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\ph.bmp
[2011-12-04 18:34:48 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\pg.bmp
[2011-12-04 18:21:45 | 003,561,766 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Pulpit\bez tytułu.bmp
[2011-12-04 17:41:44 | 000,005,425 | ---- | C] () -- C:\UsbFix_Upload_Me_KRZYSIEK.zip
[2011-01-29 22:16:16 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-29 14:03:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-01-29 11:32:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll
[2011-01-29 11:32:36 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidUsbF.sys
[2011-01-29 11:32:36 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2011-01-29 10:23:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-01-29 10:08:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2011-01-29 10:08:08 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2011-01-29 10:08:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2011-01-28 21:59:27 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-01-28 21:57:44 | 000,348,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-01-28 21:42:07 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011-01-28 21:42:07 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011-01-28 21:42:07 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011-01-28 21:42:07 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011-01-28 21:42:07 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011-01-28 21:42:07 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011-01-28 21:42:07 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011-01-28 21:42:07 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011-01-28 21:42:07 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011-01-28 21:42:07 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011-01-28 21:42:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011-01-28 21:42:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011-01-28 21:42:07 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011-01-28 21:42:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011-01-28 21:42:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011-01-28 21:42:07 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011-01-28 21:42:07 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011-01-28 21:42:07 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011-01-28 21:42:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011-01-28 21:39:57 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2011-01-28 21:18:41 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2011-01-28 21:17:50 | 000,002,974 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011-01-28 21:17:49 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011-01-28 21:12:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-01-28 21:07:06 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004-08-04 01:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-03 23:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004-08-02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-10-26 19:15:16 | 000,461,370 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,080,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,404,104 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,063,324 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 01:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011-02-05 21:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2011-01-29 20:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-01-28 21:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2011-01-28 22:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-01-29 17:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2011-01-29 14:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-01-29 17:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-01-28 21:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2011-02-05 21:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Autodesk
[2011-01-30 09:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\DAEMON Tools Lite
[2011-01-30 16:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\DMCache
[2011-01-28 23:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Easeware
[2011-01-30 16:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\IDM
[2011-02-04 19:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\ipla
[2011-01-29 19:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Nokia
[2011-01-29 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\PC Suite
[2011-12-04 21:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\PickaVamMaterina2
[2011-01-29 14:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\RDRM
[2011-02-05 13:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Sports Interactive
[2011-07-09 12:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\uTorrent
[2011-01-28 22:35:44 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job

========== Purity Check ==========



< End of report >

Dodano Dzisiaj, 21:46:
Jak coś to będę w piątek lub sobotę. Wtedy też wstawię raport z MBAM.

[ordynat]

Ta usuwana infekcja natychmiast się odrodziła, widać to po dacie i godzinie powstania.
Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
[2011-12-04 21:11:59 | 000,587,361 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\35E.exe
[2011-12-04 21:00:51 | 000,368,873 | ---- | C] () -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\72.exe
[2011-12-04 21:11:43 | 000,177,152 | ---- | M] (fico sondo) -- C:\Documents and Settings\KrzysiekG\Dane aplikacji\Qhmsmi.exe

:Commands
[emptytemp]

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania.

Wracając do kwestii skrótów: czy oprócz pendrive nie podpinałeś jakiejś innej pamięci zewnętrznej (telefon, aparat foto, odtwarzacz mp*) ?
Jeszcze raz użyj USBFix z opcji DELETION - może tym razem coś dostrzeże na tych wszystkich pamięciach przenośnych.

będę w piątek lub sobotę. Wtedy też wstawię raport z MBAM

No to do weekendu.

.

[borsuk444]

Oto raport z UsbFixa. Podłączyłem wszystkie pendrivy.

Spoiler:

############################## | UsbFix V 7.072 | [Deletion]

User: KrzysiekG (Administrator) # KRZYSIEK
Updated 04/12/2011 by El Desaparecido
Started at 15:49:27 | 07/01/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

PC: VIA (KM266) (X86-based PC) # Desktop Computer
CPU: AMD Duron(tm) (1297)
RAM -> [ Total : 479 | Free : 201 ]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Fixed drive # 39 Gb (22 Mb free - 57%) [] # NTFS
D:\ -> Fixed drive # 35 Gb (35 Mb free - 100%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 8 Gb (80 Mb free - 1%) [INTENSO] # FAT32
H:\ -> Removable drive # 7 Gb (621 Mb free - 8%) [LEXAR] # FAT32
I:\ -> Removable drive # 4 Gb (273 Mb free - 7%) [] # FAT32
J:\ -> Removable drive # 7 Gb (5 Mb free - 67%) [KINGSTON] # FAT32

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (468)
C:\WINDOWS\system32\winlogon.exe (568)
C:\WINDOWS\system32\services.exe (612)
C:\WINDOWS\system32\lsass.exe (624)
C:\WINDOWS\system32\svchost.exe (780)
C:\WINDOWS\System32\svchost.exe (896)
C:\WINDOWS\system32\spoolsv.exe (1172)
C:\WINDOWS\system32\acs.exe (1220)
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (1300)
C:\Program Files\Java\jre6\bin\jqs.exe (1340)
C:\WINDOWS\system32\svchost.exe (1464)
C:\WINDOWS\Explorer.EXE (1712)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (276)
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (300)
C:\Program Files\TP-LINK\TWCU\TWCU.exe (312)
C:\WINDOWS\system32\wscntfy.exe (340)
C:\PROGRA~1\ERGOMO~1\MouseElf.EXE (348)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (376)
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (392)
C:\WINDOWS\system32\ctfmon.exe (448)
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (496)
C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (380)
C:\Program Files\DAEMON Tools Lite\DTLite.exe (788)
C:\Program Files\MSNET_Działdowo\KDLink32.exe (1068)
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (2128)
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (2236)
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (2284)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (2532)
C:\WINDOWS\system32\wuauclt.exe (2648)
C:\UsbFix\UsbFix.exe (628)

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\spoolsv.exe (1172)
Stopped! C:\WINDOWS\system32\acs.exe (1220)
Stopped! C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (1300)
Stopped! C:\Program Files\Java\jre6\bin\jqs.exe (1340)
Stopped! C:\WINDOWS\Explorer.EXE (1712)
Stopped! C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (276)
Stopped! C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (300)
Stopped! C:\Program Files\TP-LINK\TWCU\TWCU.exe (312)
Stopped! C:\WINDOWS\system32\wscntfy.exe (340)
Stopped! C:\PROGRA~1\ERGOMO~1\MouseElf.EXE (348)
Stopped! C:\Program Files\Common Files\Java\Java Update\jusched.exe (376)
Stopped! C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (392)
Stopped! C:\WINDOWS\system32\ctfmon.exe (448)
Stopped! C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (496)
Stopped! C:\Documents and Settings\KrzysiekG\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (380)
Stopped! C:\Program Files\DAEMON Tools Lite\DTLite.exe (788)
Stopped! C:\Program Files\MSNET_Działdowo\KDLink32.exe (1068)
Stopped! C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (2128)
Stopped! C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (2236)
Stopped! C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (2284)
Stopped! C:\WINDOWS\system32\wbem\wmiapsrv.exe (2532)
Stopped! C:\WINDOWS\system32\wuauclt.exe (2648)

################## | Files # Infected Folders |

Deleted ! G:\CYWILIZACJA.lnk
Deleted ! G:\GO.lnk
Deleted ! G:\KABARETY.lnk
Deleted ! G:\Nowy folder.lnk
Deleted ! G:\Nowy folder (2).lnk
Deleted ! G:\Nowy folder (3).lnk
Deleted ! G:\Nowy folder (4).lnk
Deleted ! G:\PWSZ.lnk
Deleted ! C:\Documents and Settings\KrzysiekG\Dane aplikacji\35E.exe
Deleted ! C:\Documents and Settings\KrzysiekG\Dane aplikacji\72.exe
Not deleted ! E:\autorun.exe
Deleted ! G:\RECYCLER\faebec4a.exe
Deleted ! C:\Recycler\S-1-5-21-2000478354-1715567821-682003330-1003
Deleted ! D:\Recycler\S-1-5-21-2000478354-1715567821-682003330-1003
Deleted ! I:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013
Not deleted ! E:\autorun.inf
Deleted ! G:\AUTORUN.INF
Deleted ! G:\Recycler\desktop.ini
Deleted ! H:\AUTORUN.INF
Deleted ! H:\Recycler\desktop.ini
Deleted ! H:\RECYCLER\e621ca05.exe
Deleted ! I:\Recycler\desktop.ini
Deleted ! I:\RECYCLER\e621ca05.exe
Deleted ! J:\AUTORUN.INF
Deleted ! J:\Recycler\desktop.ini

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[28/01/2011 - 21:11:20 | N | 0] C:\AUTOEXEC.BAT
[04/12/2011 - 18:11:22 | RASHD ] C:\Autorun.inf
[28/01/2011 - 21:04:45 | N | 211] C:\boot.ini
[22/07/2001 - 01:13:54 | N | 4952] C:\Bootfont.bin
[28/01/2011 - 21:11:20 | N | 0] C:\CONFIG.SYS
[28/01/2011 - 21:14:56 | D ] C:\Documents and Settings
[07/01/2012 - 15:45:18 | ASH | 502845440] C:\hiberfil.sys
[28/01/2011 - 21:11:20 | N | 0] C:\IO.SYS
[28/01/2011 - 21:11:20 | N | 0] C:\MSDOS.SYS
[28/01/2011 - 21:23:01 | RHD ] C:\MSOCache
[03/08/2004 - 23:38:34 | N | 47564] C:\NTDETECT.COM
[28/01/2011 - 21:56:52 | N | 251152] C:\ntldr
[07/01/2012 - 15:45:17 | ASH | 754974720] C:\pagefile.sys
[04/12/2011 - 21:28:44 | D ] C:\Program Files
[07/01/2012 - 15:52:22 | SHD ] C:\RECYCLER
[29/01/2011 - 12:37:30 | D ] C:\S3GRAPHICS
[28/01/2011 - 21:13:37 | SHD ] C:\System Volume Information
[29/01/2011 - 10:07:26 | D ] C:\temp
[07/01/2012 - 15:52:22 | D ] C:\UsbFix
[07/01/2012 - 15:52:23 | A | 5252] C:\UsbFix.txt
[04/12/2011 - 18:11:48 | N | 5003] C:\UsbFix2.txt
[04/12/2011 - 18:11:23 | N | 5425] C:\UsbFix_Upload_Me_KRZYSIEK.zip
[07/01/2012 - 15:46:20 | D ] C:\WINDOWS
[04/12/2011 - 21:14:45 | D ] C:\_OTL
[04/12/2011 - 18:11:22 | RASHD ] D:\Autorun.inf
[07/01/2012 - 15:52:22 | SHD ] D:\RECYCLER
[29/01/2011 - 22:29:48 | SHD ] D:\System Volume Information
[17/11/2008 - 23:47:57 | R | 965062] E:\MSNET.exe
[24/10/2008 - 09:45:13 | R | 13180217] E:\SPARKLAN.exe
[19/06/2006 - 09:37:00 | R | 5768174] E:\Setup.exe
[10/08/2009 - 17:16:49 | R | 5632] E:\Thumbs.db
[11/01/2007 - 12:29:30 | R | 40960] E:\autorun.exe
[21/11/2008 - 09:17:31 | R | 1231] E:\autorun.htm
[03/10/2005 - 08:18:26 | R | 46] E:\autorun.inf
[21/11/2008 - 09:05:57 | R | 17811204] E:\cd_rom.swf
[22/04/2010 - 10:18:11 | R | 44313152] E:\setup_av_free_pol.exe
[26/03/2008 - 13:58:14 | R | 32038] E:\sfld.ico
[16/05/2006 - 10:23:00 | R | 6364] E:\swfobject.js
[16/11/2011 - 17:47:20 | D ] G:\CYWILIZACJA
[16/11/2011 - 17:45:20 | D ] G:\GO
[16/11/2011 - 17:50:36 | D ] G:\KABARETY
[16/11/2011 - 17:51:46 | D ] G:\Nowy folder
[16/11/2011 - 17:54:42 | D ] G:\Nowy folder (2)
[16/11/2011 - 17:56:06 | D ] G:\Nowy folder (3)
[16/11/2011 - 17:57:36 | D ] G:\Nowy folder (4)
[16/11/2011 - 17:49:54 | D ] G:\PWSZ
[27/08/2011 - 17:33:52 | N | 4942396] G:\Lou Bega Mambo NÂş 5 [zapiska.pl].3gp
[13/03/2011 - 22:37:46 | N | 5690379] G:\lucia marques.3gp
[13/03/2011 - 22:37:46 | N | 10253383] G:\lucia marques.flv
[19/06/2011 - 17:06:02 | N | 3009755] G:\marquess - arriba [zapiska.pl].mp3
[27/03/2011 - 19:23:58 | N | 24262387] G:\Marquess - El temperamento (live 2010) [www.downtube.eu].flv
[24/09/2011 - 17:23:08 | N | 3078301] G:\marquess - en espana [zapiska.pl].mp3
[12/03/2008 - 17:11:46 | N | 3649664] G:\Marquess - La Histeria.mp3
[24/09/2011 - 17:19:54 | N | 2846334] G:\Marquess - No Tengo El Tango [zapiska.pl].mp3
[26/03/2011 - 20:26:28 | N | 22899862] G:\Marquess - Vayamos Companeros Official Music Video HD [www.downtube.eu].flv
[07/09/2011 - 20:19:54 | N | 4531763] G:\Marquess El Temperamento [zapiska.pl].3gp
[07/09/2011 - 20:19:54 | N | 13100744] G:\Marquess El Temperamento [zapiska.pl].flv
[13/03/2011 - 22:37:46 | N | 7380674] G:\Marquess La Histeria.flv
[13/03/2011 - 22:37:46 | N | 3902917] G:\Marquess La Vida Es Limonada.flv
[13/03/2011 - 22:37:46 | N | 7402196] G:\Marquess Latino America (Ofiicial Music Video).flv
[13/03/2011 - 22:37:46 | N | 7666387] G:\Marquess Vayamos Companieros.flv
[04/11/2008 - 21:25:18 | N | 22071296] G:\mt ćw3.doc
[09/11/2011 - 15:09:28 | N | 4690139] G:\mt ćw3.rar
[08/10/2011 - 18:57:16 | N | 15361838] G:\Muza 2011 Super Nowość z Rosji (качеŃ?твенный видеоклип) [zapiska.pl].flv
[22/05/2011 - 18:58:24 | N | 5847357] G:\Sabaton - A Light In The Black [polskie napisy]~1.3gp
[22/05/2011 - 18:27:50 | N | 5749086] G:\Sabaton - Aces in Exile (polskie napisy)~1.3gp
[22/05/2011 - 19:10:16 | N | 6287729] G:\Sabaton - Angels Calling [polskie napisy]~1.3gp
[22/05/2011 - 18:50:00 | N | 4520306] G:\Sabaton - Attero Dominatus [polskie napisy]~1.3gp
[22/05/2011 - 19:42:38 | N | 3931435] G:\Sabaton - Back In Control [polskie napisy]~1.3gp
[22/05/2011 - 20:24:06 | N | 7635403] G:\Sabaton - Cliffs Of Gallipoli PL (polskie napisy)~1.3gp
[22/05/2011 - 21:26:10 | N | 5247345] G:\SABATON - COUNTERSTRIKE ( POLSKIE NAPISY )~1.3gp
[22/05/2011 - 19:45:58 | N | 4497002] G:\Sabaton - In The Name Of God [polskie napisy]~1.3gp
[13/06/2011 - 15:12:58 | N | 4581944] G:\Sabaton - Into the fire(napisy PL) [zapiska.pl].3gp
[13/06/2011 - 15:12:58 | N | 23591264] G:\Sabaton - Into the fire(napisy PL) [zapiska.pl].flv
[22/05/2011 - 19:32:46 | N | 5354992] G:\Sabaton - Masters of the world [polskie napisy]~1.3gp
[22/05/2011 - 19:20:54 | N | 1964869] G:\Sabaton - Metalizer [polskie napisy]~1.3gp
[26/09/2011 - 20:10:06 | N | 6246448] G:\Sabaton - Midway PL (polskie napisy) [zapiska.pl].flv
[22/05/2011 - 19:13:46 | N | 5096752] G:\Sabaton - Nuclear Attack [polskie napisy, English sub]~1.3gp
[22/05/2011 - 21:15:10 | N | 6763196] G:\Sabaton - Panzer Battalion [polskie napisy]~1.3gp
[13/06/2011 - 13:46:10 | N | 7272503] G:\Sabaton - Panzerkampf - Napisy PL [zapiska.pl].3gp
[13/06/2011 - 13:46:10 | N | 28642469] G:\Sabaton - Panzerkampf - Napisy PL [zapiska.pl].flv
[13/06/2011 - 13:47:30 | N | 26091181] G:\Sabaton - Primo Victoria (napisy PL) [zapiska.pl].flv
[22/05/2011 - 18:46:52 | N | 5676836] G:\Sabaton - Primo Victoria __POLSKIE NAPISY__ www.zerknij.eu.3gp
[22/05/2011 - 19:05:40 | N | 4441076] G:\Sabaton - Purple Heart - Polskie napisy [ Pl ].3gp
[22/05/2011 - 20:38:56 | N | 10766202] G:\Sabaton - Rise Of Evil PL (polskie napisy).3gp
[22/05/2011 - 20:19:10 | N | 4662467] G:\Sabaton - Saboteurs PL (polskie napisy).3gp
[22/05/2011 - 20:08:44 | N | 5751547] G:\Sabaton - Screaming Eagles PL (polskie napisy).3gp
[22/05/2011 - 21:22:30 | N | 1791789] G:\Sabaton - Shadows [polskie napisy].3gp
[22/05/2011 - 21:20:34 | N | 7179702] G:\Sabaton - Stalingrad PL (polskie napisy).3gp
[22/05/2011 - 21:00:16 | N | 5720144] G:\Sabaton - Swedish Pagans HD PL (polskie napisy)~1.3gp
[13/06/2011 - 15:04:16 | N | 23226747] G:\Sabaton - Talvisota - napisy PL [zapiska.pl].flv
[22/05/2011 - 19:02:36 | N | 6793572] G:\Sabaton - The Art Of War [Polskie Napisy - Polish Subs]~1.3gp
[13/06/2011 - 14:11:54 | N | 7528107] G:\Sabaton - The Hammer Has Fallen HD PL (polskie napisy) [zapiska.pl].3gp
[13/06/2011 - 14:11:54 | N | 49358158] G:\Sabaton - The Hammer Has Fallen HD PL (polskie napisy) [zapiska.pl].flv
[22/05/2011 - 19:26:58 | N | 7869292] G:\Sabaton - Unbreakable (polskie napisy).3gp
[26/09/2011 - 20:11:34 | N | 32090268] G:\Sabaton - Unbreakable [polskie napisy] [zapiska.pl].flv
[22/05/2011 - 19:29:18 | N | 3813193] G:\Sabaton - Union (Polish subs, Polskie napisy).3gp
[22/05/2011 - 19:37:26 | N | 4710494] G:\Sabaton - We Burn PL HD (polskie napisy)~1.3gp
[22/05/2011 - 20:55:24 | N | 5905754] G:\Sabaton - Wehrmacht PL (polskie napisy).3gp
[22/05/2011 - 18:54:36 | N | 5854661] G:\Sabaton - White Death PL (polskie napisy)~1.3gp
[22/05/2011 - 18:34:48 | N | 8158236] G:\Sabaton _Wolf Pack_ Polskie Napisy~1.3gp
[22/05/2011 - 18:38:30 | N | 5532837] G:\Sabaton 40 1 POLSKIE NAPISY~1.3gp
[22/05/2011 - 19:55:20 | N | 4778193] G:\Sabaton Coat of Arms (Polskie napisy)~1.3gp
[22/05/2011 - 18:43:02 | N | 6704574] G:\Sabaton The Final Solution (polskie napisy PL polish subtitles)~1.3gp
[13/06/2011 - 14:11:02 | N | 5595390] G:\Sabaton White Death (polskie napisy PL) [zapiska.pl].3gp
[13/06/2011 - 14:11:02 | N | 24918323] G:\Sabaton White Death (polskie napisy PL) [zapiska.pl].flv
[26/09/2011 - 20:10:44 | N | 6514218] G:\Sabaton-7734 polskie napisy [zapiska.pl].flv
[22/05/2011 - 19:40:02 | N | 3125793] G:\Sabaton-Firestorm [polskie napisy]~1.3gp
[13/06/2011 - 15:17:46 | N | 16411126] G:\Sabaton-Ghost Division (napisy PL) [zapiska.pl].flv
[22/05/2011 - 19:18:20 | N | 6425242] G:\Sabaton-Ptaki Wojny POLSKIE NAPISY!!!!!.3gp
[07/09/2011 - 20:19:54 | N | 6993713] G:\The Who Who' re You [zapiska.pl].3gp
[04/12/2011 - 20:33:12 | HD ] G:\RECYCLER
[16/11/2011 - 18:50:16 | HD ] H:\RECYCLER
[26/09/2010 - 21:11:10 | D ] H:\GRY
[26/09/2010 - 21:11:46 | D ] H:\PENDRIVE
[24/09/2010 - 15:30:26 | D ] H:\gizynskik
[16/11/2011 - 19:51:12 | N | 12739923] H:\Badanie trwałści ostrza.docx
[25/01/2011 - 18:09:18 | N | 7462394] I:\diadem - nocy czar disco polo 2011.mp3
[24/01/2011 - 18:55:54 | HD ] I:\RECYCLER
[25/01/2011 - 18:13:38 | N | 4149575] I:\drossel - to ten klub.mp3
[24/01/2011 - 18:55:54 | D ] I:\guglmail
[25/01/2011 - 18:35:34 | N | 4044666] I:\impuls___seksualnie_niebezpieczna_2011_(3).mp3
[05/10/2011 - 19:26:46 | D ] I:\Bad Boys Blue
[05/10/2011 - 19:27:08 | D ] I:\C.C. Catch
[05/10/2011 - 19:27:28 | D ] I:\Deluxe Ski Jump 3.1.7.0
[05/10/2011 - 19:28:18 | D ] I:\Modern Talking 2011
[05/10/2011 - 19:29:28 | D ] I:\muza new
[05/10/2011 - 19:30:46 | D ] I:\Old Disco-Super hits
[05/10/2011 - 19:30:58 | D ] I:\Papa Dance
[05/10/2011 - 19:31:12 | D ] I:\Sami Swoi
[21/08/2008 - 20:31:04 | D ] I:\Diablo 2
[28/01/2011 - 09:29:36 | N | 37505011] I:\MOV_0494.mp4
[16/11/2011 - 19:33:04 | D ] J:\a
[19/09/2011 - 22:58:40 | N | 635731968] J:\Call of Duty CD-1.ISO
[19/09/2011 - 22:58:32 | N | 669204480] J:\Call of Duty CD-2.ISO
[27/02/2010 - 11:18:14 | N | 363379] J:\Wykład1_OK.pdf
[13/11/2011 - 20:50:02 | N | 2713600] J:\krzyżówki testowe.ppt
[13/11/2011 - 21:25:20 | N | 2258432] J:\teoria morgana.ppt
[04/12/2011 - 20:32:30 | HD ] J:\RECYCLER

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_KRZYSIEK.zip
http://eldesaparecido.com/upload.html
Thank you for your contribution.

################## | Reboot |

(!) The computer was restarted.

################## | E.O.F |

[ordynat]

Wg mnie - jest już OK.
A jak Ty to oceniasz?

.

[borsuk444]

Widzę, że narazie nie ma skrótów i jest dobrze. A można jakoś zabezpieczyć te pendrivy na przyszłość?:)

[ordynat]

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

USBFix postawił obiekty zaporowe, więc w przyszłości nie będzie automatycznej infekcji.
Przynajmniej teoretycznie.

Kończymy:

W USBFix kliknij na przycisk UNINSTALL

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

.

[borsuk444]

A po formatowaniu te obiekty zostaną? Czy trzeba uruchomić UsbFixa w trybie Deletion?

[ordynat]

Formatowanie usuwa wszystko, więc także te obiekty zostaną usunięte.

Nie rozumiem, po co chcesz teraz uruchamiać USBFix z opcji DELETION?
Zaleciłem z opcji UNINSTAL - w celu usunięcia USBFixa.

.

[borsuk444]

Jeślibym za jakiś czas sformatował pendrivy to wtedy, żeby utrzymać tą ochronę to muszę zainstalować UsbFix i wziąć opcje deletion?

[ordynat]

Wystarczy z opcji VACCINE. Oczywiście z opcji DELETION też może być, (ale nie musi)

.

Autor postu otrzymał pochwałę

[borsuk444]

Wielkie dzięki za pomoc.

Dodano Dzisiaj, 17:20:
Pokazał mi się na tych pendrivach ukryty folder recycler? Można go usunąć?

[wojtas]

możesz jak dasz radę ale chyba się pojawi po ponownym podłączeniu