Problem z win32/adware

**Posty:** 6 · przez **eMbe87** 31 Sty 2010, 19:37

mój komp złapał wirusa Win32/Adware
mieszczącego się : C:\DOCUME~1\Madzia\USTAWI~1\Temp\cvasds0.dll i mój NOD sobie z tym nie radzi. znajduje go, ale mówi - wyleczony przez usunięcie (po następnym uruchomieniu) - poddany kwarantannie

co robić, co robić?
nie jestem dobra w te klocki

**Posty:** 12734 · przez **Mikou@j** 31 Sty 2010, 19:38

eMbe87 napisał(a):co robić, co robić?

przeczytać zasady-wstawiania-logow-vt93842.html

**Posty:** 6 · przez **eMbe87** 31 Sty 2010, 19:42

jestem tylko marną humanistką, nie za bardzo rozumiem co tam jest napisane.
nie może mi ktoś po prostu pomóc?

Dodano Dzisiaj, 18:43:
Na samym starcie dajemy loga z OTL lub z DSS
<- tego nie rozumiem

**Posty:** 12734 · przez **Mikou@j** 31 Sty 2010, 19:44

No przecież wszystko tam jest napisane.
Ściągasz OTL, robisz wszystko wg instrukcji.
Program po zakończeniu skanowania wygeneruje LOGI, które wstawiasz tutaj w tagach [code]

**Posty:** 6 · przez **eMbe87** 31 Sty 2010, 20:05

Kod: Zaznacz wszystko: OTL logfile created on: 2010-01-31 18:58:34 - Run 1 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,00 Mb Total Physical Memory | 56,00 Mb Available Physical Memory | 15,00% Memory free 920,00 Mb Paging File | 423,00 Mb Available in Paging File | 46,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,64 Gb Total Space | 19,28 Gb Free Space | 44,17% Space Free | Partition Type: FAT32 Drive D: | 29,00 Gb Total Space | 4,31 Gb Free Space | 14,87% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TWOJA-9D184A9B8 Current User Name: Madzia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-01-31 18:56:50 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-01-29 20:12:24 | 000,058,744 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice139.exe PRC - [2010-01-29 20:12:24 | 000,058,744 | ---- | M] () -- C:\Program Files\QuestService\questservice.exe PRC - [2010-01-29 12:00:00 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-12-13 23:21:44 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-12-13 23:21:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-11-26 18:27:36 | 000,348,160 | ---- | M] () -- C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe PRC - [2009-01-08 21:20:06 | 000,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-07-01 09:01:04 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-09-06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2007-07-06 08:40:38 | 000,405,504 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WinPPPoverEthernet.exe PRC - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WrOS.exe PRC - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2006-06-01 14:02:54 | 000,491,520 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe PRC - [2006-03-08 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2006-03-08 09:42:00 | 000,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2006-03-02 15:34:50 | 001,101,824 | ---- | M] (ASUS) -- C:\Program Files\Asus\Net4Switch\Net4Switch.exe PRC - [2006-02-22 23:40:40 | 000,106,496 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe PRC - [2006-02-21 02:25:58 | 002,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe PRC - [2005-10-21 02:26:48 | 000,761,945 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2005-10-17 17:09:34 | 000,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2005-09-13 21:55:14 | 001,668,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\Asus\WLAN Card Utilities\Center.exe PRC - [2005-06-06 13:23:08 | 001,183,744 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe PRC - [2005-04-06 16:03:28 | 000,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe PRC - [2004-05-06 12:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe PRC - [2003-09-12 20:25:30 | 000,032,768 | ---- | M] (asus) -- C:\Program Files\Asus\Asus ChkMail\ChkMail.exe PRC - [2002-04-12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe PRC - [2001-12-13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-01-31 18:56:50 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-01-29 20:12:18 | 000,589,824 | ---- | M] () -- C:\Program Files\QuestService\questservice.dll MOD - [2006-05-17 16:39:26 | 000,028,672 | ---- | M] () -- C:\Program Files\Asus\Asus MultiFrame\HookTitle.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (SNDSrvc) SRV - [2010-01-29 20:12:24 | 000,058,744 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice139.exe -- (QuestService Service) SRV - [2009-12-13 23:21:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-03-27 02:46:06 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-02-19 00:58:30 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99224d4912af2) Usługa Google Update (gupdate1c99224d4912af2) SRV - [2008-07-01 09:08:00 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-04-14 19:20:34 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon) SRV - [2008-03-30 10:36:30 | 000,504,104 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2007-09-06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) [Auto | Running] -- C:\Program Files\DialNet\WrOS.exe -- (WinPPPoverEthernet) SRV - [2006-07-25 18:03:44 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate) SRV - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2006-03-08 09:42:00 | 000,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005-04-06 16:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2004-05-06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC) SRV - [2002-04-12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-11-20 21:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-07-01 09:04:40 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-07-01 08:57:14 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-07-01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2008-01-29 12:01:28 | 000,016,168 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2007-11-13 11:25:56 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-10-31 14:09:14 | 000,030,464 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2007-07-04 16:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\DialNet\WrKPoET2000.sys -- (WrKPoET2000) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WrKPoET2000.sys -- (TopWinPoETDriver) DRV - [2007-07-04 16:27:22 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fpd.sys -- (FPD) DRV - [2007-06-28 11:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd) DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm) DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj) DRV - [2007-06-28 11:44:16 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc) DRV - [2007-03-16 11:31:08 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3) DRV - [2006-09-18 16:31:56 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x) DRV - [2006-09-15 22:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2006-07-02 22:33:24 | 001,056,512 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini) DRV - [2006-06-29 22:40:52 | 000,008,064 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan) DRV - [2006-05-04 04:13:52 | 004,271,616 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-03-08 09:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006-01-24 10:45:56 | 000,034,944 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipswuio.sys -- (ipswuio) DRV - [2006-01-19 23:44:42 | 000,862,340 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2006-01-18 05:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2005-10-21 02:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005-07-14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk) DRV - [2005-07-12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-05-31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2005-05-31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2005-04-30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBTEnum.sys -- (BTHidEnum) DRV - [2005-04-30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2005-04-30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT) DRV - [2005-03-25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2005-02-17 10:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2005-02-11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2004-10-19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2004-08-04 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2004-08-04 13:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM) DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2002-09-09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2001-08-17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [1999-09-10 12:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.sys -- (Aspi32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.asus.com [binary data] IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\S-1-5-21-1738470603-1126907014-1058378149-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\S-1-5-21-1738470603-1126907014-1058378149-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.dziennik.pl/" FF - prefs.js..extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5190 FF - prefs.js..extensions.enabledItems: BSToolbar@toolbarnet.com:1.0.0.4 FF - prefs.js..extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1800 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6 FF - prefs.js..extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:3.1.0.1840 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-01-08 21:21:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\3.1.0.1840\FF [2009-12-05 22:51:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF [2009-12-05 22:52:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1800\FF [2009-12-05 22:52:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-10-09 20:03:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006-10-09 20:03:06 | 000,000,000 | ---D | M] [2008-08-28 11:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Extensions [2006-10-09 20:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions [2008-02-07 16:54:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-09-09 14:56:56 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2008-02-07 17:09:40 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\searchplugins\aolsearch.xml [2008-08-26 22:25:22 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\searchplugins\bsplayer-search.xml [2006-10-09 20:03:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2006-10-11 21:43:06 | 000,000,000 | ---D | M] (WhenU) -- C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34} [2010-01-30 09:20:44 | 000,000,000 | ---D | M] (QuestService) -- C:\Program Files\Mozilla Firefox\extensions\{F2DDDB92-1605-4260-9B25-45A4DAE87B50} [2009-09-09 22:25:18 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-09-09 22:25:18 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-09-09 22:25:18 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-09-09 22:25:18 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-09-09 22:25:18 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-09-09 22:25:18 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml [2009-12-06 00:11:06 | 000,002,405 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice129.xml [2010-01-01 13:37:50 | 000,002,405 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice133.xml [2010-01-30 09:20:44 | 000,002,405 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice139.xml O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll () O2 - BHO: (TCP) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll () O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll () O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\WebBrowser: (no name) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [a-winpoet-service] C:\Program Files\DialNet\winpppoverethernet.exe (Fine Point Technologies, Inc.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe () O4 - HKLM..\Run: [Internet Today Task] C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe () O4 - HKLM..\Run: [z-WrDialer] C:\Program Files\DialNet\WrDialer.exe (Fine Point Technologies, Inc.) O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [cdoosoft] C:\Documents and Settings\Madzia\Ustawienia lokalne\Temp\herss.exe () O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [Gadu-Gadu 10] D:\GaduGadu\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [Net4Switch] C:\Program Files\Asus\Net4Switch\Net4Switch.exe (ASUS) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe (asus) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiFrame.lnk = C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 16:01:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2010-01-31 18:59:12 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010-01-31 18:59:12 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{3a910d6e-b66d-11de-b13d-0009dd600c27}\Shell\AutoRun\command - "" = F:\vlvtdflx.exe -- File not found O33 - MountPoints2\{3a910d6e-b66d-11de-b13d-0009dd600c27}\Shell\open\Command - "" = F:\vlvtdflx.exe -- File not found O33 - MountPoints2\{3a910d6f-b66d-11de-b13d-0009dd600c27}\Shell\AutoRun\command - "" = G:\USBNB.exe -- File not found O33 - MountPoints2\{ac499ea4-0da2-11de-b04c-0009dd600c27}\Shell\AutoRun\command - "" = F:\sp1jensi.exe -- File not found O33 - MountPoints2\{ac499ea4-0da2-11de-b04c-0009dd600c27}\Shell\open\Command - "" = F:\sp1jensi.exe -- File not found O33 - MountPoints2\{c1b90448-57bd-11db-a9aa-806d6172696f}\Shell\AutoRun\command - "" = C:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] () O33 - MountPoints2\{c1b90448-57bd-11db-a9aa-806d6172696f}\Shell\open\Command - "" = C:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] () O33 - MountPoints2\{c1b90449-57bd-11db-a9aa-806d6172696f}\Shell\AutoRun\command - "" = D:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] () O33 - MountPoints2\{c1b90449-57bd-11db-a9aa-806d6172696f}\Shell\open\Command - "" = D:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-01-30 00:24:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-01-30 00:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Dane aplikacji\Gadu-Gadu 10 [2010-01-29 23:25:04 | 000,000,000 | -HSD | C] -- C:\FOUND.009 [2010-01-27 23:11:50 | 000,000,000 | -HSD | C] -- C:\FOUND.008 [2010-01-26 18:31:44 | 000,000,000 | -HSD | C] -- C:\FOUND.007 [2010-01-18 12:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Pulpit\akty prawne do pracy lic [2010-01-13 08:19:36 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2009-02-19 16:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2009-02-19 00:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2008-10-09 18:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2007-11-17 13:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2006-09-18 16:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-09-18 16:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-09-18 15:53:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2006-09-18 15:53:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-01-31 19:01:02 | 000,000,057 | RHS- | M] () -- C:\autorun.inf [2010-01-31 18:20:40 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Madzia\Pulpit\Microsoft Word.lnk [2010-01-31 18:18:16 | 000,000,170 | ---- | M] () -- C:\ASWL2K.ini [2010-01-31 18:17:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-01-31 18:17:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-01-31 18:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-01-31 18:17:14 | 402,051,072 | -HS- | M] () -- C:\hiberfil.sys [2010-01-31 18:16:34 | 000,000,640 | ---- | M] () -- C:\WINDOWS\win.ini [2010-01-31 18:16:28 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Madzia\NTUSER.DAT [2010-01-31 18:16:20 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2010-01-31 18:16:14 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Madzia\ntuser.ini [2010-01-31 18:08:12 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] () -- C:\1hqup.exe [2010-01-30 21:48:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-01-30 21:19:02 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-30 19:08:08 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-01-30 00:24:28 | 000,000,470 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-01-30 00:24:28 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-01-29 19:47:18 | 000,097,280 | RHS- | M] () -- C:\mvmdh.exe [2010-01-28 00:53:12 | 000,120,832 | RHS- | M] () -- C:\e9naq.exe [2010-01-15 16:40:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-01-13 08:42:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-01-11 22:39:24 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2010-01-04 09:41:56 | 000,120,320 | RHS- | M] () -- C:\h0.exe [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-01-31 09:34:35 | 000,090,624 | RHS- | C] () -- C:\1hqup.exe [2010-01-30 00:24:27 | 000,000,470 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-01-30 00:24:27 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-01-29 19:48:00 | 000,097,280 | RHS- | C] () -- C:\mvmdh.exe [2010-01-28 00:53:41 | 000,120,832 | RHS- | C] () -- C:\e9naq.exe [2010-01-02 09:50:49 | 000,120,320 | RHS- | C] () -- C:\h0.exe [2009-10-15 00:26:09 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-01-08 21:23:17 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008-10-09 15:13:06 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys [2008-10-09 15:13:06 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys [2008-08-29 13:14:45 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2008-07-01 09:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [2008-01-04 17:44:02 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2008-01-04 17:44:02 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2008-01-04 17:44:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2008-01-04 17:18:47 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2008-01-04 17:17:07 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2007-08-31 19:10:37 | 000,000,020 | ---- | C] () -- C:\WINDOWS\naglos.INI [2007-03-16 12:12:54 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI [2007-01-06 21:02:32 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-12-30 19:22:28 | 000,000,137 | ---- | C] () -- C:\WINDOWS\disney.ini [2006-12-30 19:22:19 | 000,000,182 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2006-11-02 18:58:19 | 000,000,057 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2006-10-09 20:06:15 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys [2006-10-09 20:06:15 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBTEnum.sys [2006-10-09 19:59:54 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-10-09 19:59:54 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006-10-09 19:59:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI [2006-10-09 14:30:32 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 14:25:17 | 000,000,325 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56spn.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56itl.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56eng.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56brz.dll [2006-09-18 16:33:52 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56ger.dll [2006-09-18 16:33:52 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56fra.dll [2006-09-18 16:33:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\sm56jpn.dll [2006-09-18 16:33:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56cht.dll [2006-09-18 16:33:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56chs.dll [2006-09-18 16:31:30 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2006-09-18 16:29:08 | 000,014,848 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynSam.sys [2006-09-18 16:29:08 | 000,008,064 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynScan.sys [2006-09-18 16:29:07 | 001,056,512 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynMini.sys [2006-09-18 16:29:07 | 000,498,688 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynPin.sys [2006-09-18 16:29:07 | 000,030,592 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynCamd.sys [2006-09-18 16:18:56 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-09-18 10:35:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-01-02 21:16:32 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini [2005-02-17 10:07:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2004-11-24 07:38:18 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS [2004-11-24 07:38:18 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2002-09-06 11:36:16 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [2002-01-14 14:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll [1999-01-22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

Dodano Dzisiaj, 19:06:
czy tak to ma być? :]

Dodano Dzisiaj, 19:07:
jeszcze jest drugi.

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2010-01-31 18:58:34 - Run 1 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,00 Mb Total Physical Memory | 56,00 Mb Available Physical Memory | 15,00% Memory free 920,00 Mb Paging File | 423,00 Mb Available in Paging File | 46,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,64 Gb Total Space | 19,28 Gb Free Space | 44,17% Space Free | Partition Type: FAT32 Drive D: | 29,00 Gb Total Space | 4,31 Gb Free Space | 14,87% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TWOJA-9D184A9B8 Current User Name: Madzia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "20337:TCP" = 20337:TCP:*:Enabled:BitComet 20337 TCP "20337:UDP" = 20337:UDP:*:Enabled:BitComet 20337 UDP "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "13403:TCP" = 13403:TCP:*:Enabled:BitComet 13403 TCP "13403:UDP" = 13403:UDP:*:Enabled:BitComet 13403 UDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation) "C:\Program Files\Wapster\AQQ\AQQ.exe" = C:\Program Files\Wapster\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "C:\PROGRA~1\Wapster\AQQ\AQQ.exe" = C:\PROGRA~1\Wapster\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Gadu-Gadu\GG.EXE" = C:\Program Files\Gadu-Gadu\GG.EXE:*:Enabled:Gadu-Gadu - program główny -- File not found "D:\last.fm\Last.fm\LastFM.exe" = D:\last.fm\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm) "D:\BitComet\BitComet\BitComet.exe" = D:\BitComet\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (http://www.BitComet.com) "C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:Orb -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "D:\Nowe Gadu-Gadu\gg.exe" = D:\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu beta -- File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00010415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panel sterowania ATI "{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0 "{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15 "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{44734179-8A79-4DEE-BB08-73037F065543}" = Obsługa urządzeń mobilnych Apple "{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD "{71FF9607-1710-45D6-95AD-D4A27272DAD3}" = ASUS World Clock "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver "{94CFF341-2471-44E7-8439-2D12A2611D2F}" = DialNet "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame "{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet NIC Driver "{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update "{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9 "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B6FA66-92E7-4859-B0C6-1E70FC9700FD}" = ESET NOD32 Antivirus "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Asus ChkMail" = Asus ChkMail "ATI Display Driver" = ATI Display Driver "BitComet" = BitComet 0.73 "BS.Player ControlBar" = BS.Player ControlBar "BSPlayer1" = BSPlayer "BSPlayerf" = BS.Player FREE "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Google Updater" = Aktualizator Google "HControl" = ATK0100 ACPI UTILITY "ie8" = Windows Internet Explorer 8 "InterActual Player" = InterActual Player "LastFM_is1" = Last.fm 1.5.4.24567 "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation) "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Picasa 3" = Picasa 3 "QuestService" = QuestService 1.0 build 139 "RealPlayer 6.0" = RealPlayer "SaveNow" = WhenU SaveNow "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SMSERIAL" = Motorola SM56 Data Fax Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam "Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "foobar2000" = foobar2000 v0.9.5.6 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-01-28 07:08:14 | Computer Name = TWOJA-9D184A9B8 | Source = Google Update | ID = 20 Description = Error - 2010-01-28 14:50:11 | Computer Name = TWOJA-9D184A9B8 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.1.3622, moduł powodujący błąd questservice.dll, wersja 0.0.0.0, adres błędu 0x00003b02. Error - 2010-01-29 04:05:14 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-29 14:54:17 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-29 18:25:37 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-30 14:53:49 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 14:53:49 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 14:53:51 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 19:15:37 | Computer Name = TWOJA-9D184A9B8 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd gg.exe, wersja 10.0.0.10547, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-01-30 19:18:03 | Computer Name = TWOJA-9D184A9B8 | Source = ASWLSVC | ID = 0 Description =

**Posty:** 18165 · przez **wojtas** 31 Sty 2010, 21:42

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
FF - prefs.js..extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5190
FF - prefs.js..extensions.enabledItems: BSToolbar@toolbarnet.com:1.0.0.4
FF - prefs.js..extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1800
FF - prefs.js..extensions.enabledItems: {F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6
FF - prefs.js..extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:3.1.0.1840
FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\3.1.0.1840\FF [2009-12-05 22:51:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF [2009-12-05 22:52:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1800\FF [2009-12-05 22:52:36 | 000,000,000 | ---D | M]
O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll ()
O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll ()
O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll ()
O2 - BHO: (TCP) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll ()
O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll ()
O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\..\Toolbar\WebBrowser: (no name) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [cdoosoft] C:\Documents and Settings\Madzia\Ustawienia lokalne\Temp\herss.exe ()
O32 - AutoRun File - [2010-01-31 18:59:12 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-01-31 18:59:12 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{3a910d6e-b66d-11de-b13d-0009dd600c27}\Shell\AutoRun\command - "" = F:\vlvtdflx.exe -- File not found
O33 - MountPoints2\{3a910d6e-b66d-11de-b13d-0009dd600c27}\Shell\open\Command - "" = F:\vlvtdflx.exe -- File not found
O33 - MountPoints2\{3a910d6f-b66d-11de-b13d-0009dd600c27}\Shell\AutoRun\command - "" = G:\USBNB.exe -- File not found
O33 - MountPoints2\{ac499ea4-0da2-11de-b04c-0009dd600c27}\Shell\AutoRun\command - "" = F:\sp1jensi.exe -- File not found
O33 - MountPoints2\{ac499ea4-0da2-11de-b04c-0009dd600c27}\Shell\open\Command - "" = F:\sp1jensi.exe -- File not found
O33 - MountPoints2\{c1b90448-57bd-11db-a9aa-806d6172696f}\Shell\AutoRun\command - "" = C:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] ()
O33 - MountPoints2\{c1b90448-57bd-11db-a9aa-806d6172696f}\Shell\open\Command - "" = C:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] ()
O33 - MountPoints2\{c1b90449-57bd-11db-a9aa-806d6172696f}\Shell\AutoRun\command - "" = D:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] ()
O33 - MountPoints2\{c1b90449-57bd-11db-a9aa-806d6172696f}\Shell\open\Command - "" = D:\1hqup.exe -- [2010-01-31 16:52:48 | 000,090,624 | RHS- | M] ()

:Files
C:\mvmdh.exe
C:\e9naq.exe
C:\autorun.inf
C:\1hqup.exe
C:\h0.exe
d:\mvmdh.exe
d:\e9naq.exe
d:\autorun.inf
d:\1hqup.exe
d:\h0.exe
C:\Program Files\BS.Player ControlBar
C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}
C:\Program Files\Mozilla Firefox\extensions\{F2DDDB92-1605-4260-9B25-45A4DAE87B50}
C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\searchplugins\aolsearch.xml
C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\searchplugins\bsplayer-search.xml
C:\Program Files\Mozilla Firefox\searchplugins\questservice129.xml
C:\Program Files\Mozilla Firefox\searchplugins\questservice133.xml
C:\Program Files\Mozilla Firefox\searchplugins\questservice139.xml
C:\Program Files\Web Search Operator
C:\Program Files\Automated Content Enhancer
C:\Program Files\Customized Platform Advancer
C:\Program Files\Content Management Wizard
C:\Program Files\Textual Content Provider
C:\Program Files\QuestService

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Services
QuestService Service

:Commands
[emptytemp]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia komputera

**Posty:** 6 · przez **eMbe87** 31 Sty 2010, 22:46

Otl.tht

Kod: Zaznacz wszystko: OTL logfile created on: 2010-01-31 21:42:33 - Run 2 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,00 Mb Total Physical Memory | 154,00 Mb Available Physical Memory | 40,00% Memory free 920,00 Mb Paging File | 582,00 Mb Available in Paging File | 63,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,64 Gb Total Space | 20,10 Gb Free Space | 46,06% Space Free | Partition Type: FAT32 Drive D: | 29,00 Gb Total Space | 4,31 Gb Free Space | 14,87% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TWOJA-9D184A9B8 Current User Name: Madzia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-01-31 18:56:50 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie\OTL.exe PRC - [2009-12-13 23:21:44 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-12-13 23:21:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-11-26 18:27:36 | 000,348,160 | ---- | M] () -- C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe PRC - [2009-01-08 21:20:06 | 000,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-07-01 09:01:04 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-09-06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2007-07-06 08:40:38 | 000,405,504 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WinPPPoverEthernet.exe PRC - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WrOS.exe PRC - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2006-06-01 14:02:54 | 000,491,520 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe PRC - [2006-03-08 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2006-03-08 09:42:00 | 000,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2006-03-02 15:34:50 | 001,101,824 | ---- | M] (ASUS) -- C:\Program Files\Asus\Net4Switch\Net4Switch.exe PRC - [2006-02-22 23:40:40 | 000,106,496 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe PRC - [2006-02-21 02:25:58 | 002,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe PRC - [2005-10-21 02:26:48 | 000,761,945 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2005-10-17 17:09:34 | 000,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2005-09-13 21:55:14 | 001,668,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\Asus\WLAN Card Utilities\Center.exe PRC - [2005-06-06 13:23:08 | 001,183,744 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe PRC - [2005-04-06 16:03:28 | 000,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe PRC - [2004-05-06 12:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe PRC - [2003-09-12 20:25:30 | 000,032,768 | ---- | M] (asus) -- C:\Program Files\Asus\Asus ChkMail\ChkMail.exe PRC - [2002-04-12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe PRC - [2001-12-13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-01-31 18:56:50 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie\OTL.exe MOD - [2006-05-17 16:39:26 | 000,028,672 | ---- | M] () -- C:\Program Files\Asus\Asus MultiFrame\HookTitle.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (SNDSrvc) SRV - [2009-12-13 23:21:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-03-27 02:46:06 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-02-19 00:58:30 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99224d4912af2) Usługa Google Update (gupdate1c99224d4912af2) SRV - [2008-07-01 09:08:00 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-07-01 09:02:28 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-04-14 19:20:34 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon) SRV - [2008-03-30 10:36:30 | 000,504,104 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2007-09-06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) [Auto | Running] -- C:\Program Files\DialNet\WrOS.exe -- (WinPPPoverEthernet) SRV - [2006-07-25 18:03:44 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate) SRV - [2006-07-25 18:03:44 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2006-03-08 09:42:00 | 000,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005-04-06 16:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2004-05-06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC) SRV - [2002-04-12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-11-20 21:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-07-01 09:04:40 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-07-01 08:57:14 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-07-01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2008-01-29 12:01:28 | 000,016,168 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2007-11-13 11:25:56 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-10-31 14:09:14 | 000,030,464 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2007-07-04 16:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\DialNet\WrKPoET2000.sys -- (WrKPoET2000) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WrKPoET2000.sys -- (TopWinPoETDriver) DRV - [2007-07-04 16:27:22 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fpd.sys -- (FPD) DRV - [2007-06-28 11:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd) DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm) DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj) DRV - [2007-06-28 11:44:16 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc) DRV - [2007-03-16 11:31:08 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3) DRV - [2006-09-18 16:31:56 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x) DRV - [2006-09-15 22:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2006-07-02 22:33:24 | 001,056,512 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini) DRV - [2006-06-29 22:40:52 | 000,008,064 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan) DRV - [2006-05-04 04:13:52 | 004,271,616 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-03-08 09:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006-01-24 10:45:56 | 000,034,944 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipswuio.sys -- (ipswuio) DRV - [2006-01-19 23:44:42 | 000,862,340 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2006-01-18 05:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2005-10-21 02:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005-07-14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk) DRV - [2005-07-12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-05-31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2005-05-31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2005-04-30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBTEnum.sys -- (BTHidEnum) DRV - [2005-04-30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2005-04-30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT) DRV - [2005-03-25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2005-02-17 10:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2005-02-11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2004-10-19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2004-08-04 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2004-08-04 13:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM) DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2002-09-09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2001-08-17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [1999-09-10 12:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.sys -- (Aspi32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.asus.com [binary data] IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\S-1-5-21-1738470603-1126907014-1058378149-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\S-1-5-21-1738470603-1126907014-1058378149-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.dziennik.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-01-08 21:21:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006-10-09 20:03:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006-10-09 20:03:06 | 000,000,000 | ---D | M] [2008-08-28 11:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Extensions [2006-10-09 20:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions [2008-02-07 16:54:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-09-09 14:56:56 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Madzia\Dane aplikacji\Mozilla\Firefox\Profiles\9quso2cr.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2006-10-09 20:03:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-09-09 22:25:18 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-09-09 22:25:18 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-09-09 22:25:18 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-09-09 22:25:18 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-09-09 22:25:18 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-09-09 22:25:18 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [a-winpoet-service] C:\Program Files\DialNet\winpppoverethernet.exe (Fine Point Technologies, Inc.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Control Center] C:\Program Files\Asus\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe () O4 - HKLM..\Run: [Internet Today Task] C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe () O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe () O4 - HKLM..\Run: [z-WrDialer] C:\Program Files\DialNet\WrDialer.exe (Fine Point Technologies, Inc.) O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [Gadu-Gadu 10] D:\GaduGadu\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005..\Run: [Net4Switch] C:\Program Files\Asus\Net4Switch\Net4Switch.exe (ASUS) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe (asus) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiFrame.lnk = C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 16:01:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-01-31 21:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Pulpit\Nowy folder [2010-01-31 21:31:21 | 000,000,000 | ---D | C] -- C:\_OTL [2010-01-30 00:24:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-01-30 00:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Dane aplikacji\Gadu-Gadu 10 [2010-01-29 23:25:04 | 000,000,000 | -HSD | C] -- C:\FOUND.009 [2010-01-27 23:11:50 | 000,000,000 | -HSD | C] -- C:\FOUND.008 [2010-01-26 18:31:44 | 000,000,000 | -HSD | C] -- C:\FOUND.007 [2010-01-18 12:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Pulpit\akty prawne do pracy lic [2010-01-13 08:19:36 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2009-02-19 16:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2009-02-19 00:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2008-10-09 18:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2007-11-17 13:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2006-09-18 16:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-09-18 16:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-09-18 15:53:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2006-09-18 15:53:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-01-31 21:43:08 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Madzia\NTUSER.DAT [2010-01-31 21:39:08 | 000,000,170 | ---- | M] () -- C:\ASWL2K.ini [2010-01-31 21:38:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-01-31 21:37:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-01-31 21:37:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-01-31 21:37:22 | 402,051,072 | -HS- | M] () -- C:\hiberfil.sys [2010-01-31 21:33:18 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2010-01-31 21:33:12 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Madzia\ntuser.ini [2010-01-31 21:08:14 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-01-31 19:08:04 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-01-31 18:20:40 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Madzia\Pulpit\Microsoft Word.lnk [2010-01-31 18:16:34 | 000,000,640 | ---- | M] () -- C:\WINDOWS\win.ini [2010-01-30 21:48:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-01-30 21:19:02 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-30 00:24:28 | 000,000,470 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-01-30 00:24:28 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-01-15 16:40:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-01-13 08:42:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-01-11 22:39:24 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-01-30 00:24:27 | 000,000,470 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-01-30 00:24:27 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2009-10-15 00:26:09 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-01-08 21:23:17 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008-10-09 15:13:06 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys [2008-10-09 15:13:06 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys [2008-08-29 13:14:45 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2008-07-01 09:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [2008-01-04 17:44:02 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2008-01-04 17:44:02 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2008-01-04 17:44:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2008-01-04 17:18:47 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2008-01-04 17:17:07 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2007-08-31 19:10:37 | 000,000,020 | ---- | C] () -- C:\WINDOWS\naglos.INI [2007-03-16 12:12:54 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI [2007-01-06 21:02:32 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-12-30 19:22:28 | 000,000,137 | ---- | C] () -- C:\WINDOWS\disney.ini [2006-12-30 19:22:19 | 000,000,182 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2006-11-02 18:58:19 | 000,000,057 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2006-10-09 20:06:15 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys [2006-10-09 20:06:15 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBTEnum.sys [2006-10-09 19:59:54 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-10-09 19:59:54 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006-10-09 19:59:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI [2006-10-09 14:30:32 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 14:25:17 | 000,000,325 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56spn.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56itl.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56eng.dll [2006-09-18 16:33:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56brz.dll [2006-09-18 16:33:52 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56ger.dll [2006-09-18 16:33:52 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56fra.dll [2006-09-18 16:33:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\sm56jpn.dll [2006-09-18 16:33:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56cht.dll [2006-09-18 16:33:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56chs.dll [2006-09-18 16:31:30 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2006-09-18 16:29:08 | 000,014,848 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynSam.sys [2006-09-18 16:29:08 | 000,008,064 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynScan.sys [2006-09-18 16:29:07 | 001,056,512 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynMini.sys [2006-09-18 16:29:07 | 000,498,688 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynPin.sys [2006-09-18 16:29:07 | 000,030,592 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynCamd.sys [2006-09-18 16:18:56 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-09-18 10:35:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-01-02 21:16:32 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini [2005-02-17 10:07:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2004-11-24 07:38:18 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS [2004-11-24 07:38:18 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2002-09-06 11:36:16 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [2002-01-14 14:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll [1999-01-22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL < End of report >

Dodano Dzisiaj, 21:46:
extras.tht

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2010-01-31 21:42:33 - Run 2 OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Madzia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,00 Mb Total Physical Memory | 154,00 Mb Available Physical Memory | 40,00% Memory free 920,00 Mb Paging File | 582,00 Mb Available in Paging File | 63,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,64 Gb Total Space | 20,10 Gb Free Space | 46,06% Space Free | Partition Type: FAT32 Drive D: | 29,00 Gb Total Space | 4,31 Gb Free Space | 14,87% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TWOJA-9D184A9B8 Current User Name: Madzia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "20337:TCP" = 20337:TCP:*:Enabled:BitComet 20337 TCP "20337:UDP" = 20337:UDP:*:Enabled:BitComet 20337 UDP "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "13403:TCP" = 13403:TCP:*:Enabled:BitComet 13403 TCP "13403:UDP" = 13403:UDP:*:Enabled:BitComet 13403 UDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation) "C:\Program Files\Wapster\AQQ\AQQ.exe" = C:\Program Files\Wapster\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "C:\PROGRA~1\Wapster\AQQ\AQQ.exe" = C:\PROGRA~1\Wapster\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Gadu-Gadu\GG.EXE" = C:\Program Files\Gadu-Gadu\GG.EXE:*:Enabled:Gadu-Gadu - program główny -- File not found "D:\last.fm\Last.fm\LastFM.exe" = D:\last.fm\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm) "D:\BitComet\BitComet\BitComet.exe" = D:\BitComet\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com) "C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:Orb -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "D:\Nowe Gadu-Gadu\gg.exe" = D:\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu beta -- File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00010415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panel sterowania ATI "{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0 "{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15 "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{44734179-8A79-4DEE-BB08-73037F065543}" = Obsługa urządzeń mobilnych Apple "{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD "{71FF9607-1710-45D6-95AD-D4A27272DAD3}" = ASUS World Clock "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver "{94CFF341-2471-44E7-8439-2D12A2611D2F}" = DialNet "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame "{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet NIC Driver "{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update "{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9 "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B6FA66-92E7-4859-B0C6-1E70FC9700FD}" = ESET NOD32 Antivirus "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Asus ChkMail" = Asus ChkMail "ATI Display Driver" = ATI Display Driver "BitComet" = BitComet 0.73 "BS.Player ControlBar" = BS.Player ControlBar "BSPlayer1" = BSPlayer "BSPlayerf" = BS.Player FREE "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Google Updater" = Aktualizator Google "HControl" = ATK0100 ACPI UTILITY "ie8" = Windows Internet Explorer 8 "InterActual Player" = InterActual Player "LastFM_is1" = Last.fm 1.5.4.24567 "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation) "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Picasa 3" = Picasa 3 "QuestService" = QuestService 1.0 build 139 "RealPlayer 6.0" = RealPlayer "SaveNow" = WhenU SaveNow "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SMSERIAL" = Motorola SM56 Data Fax Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam "Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1738470603-1126907014-1058378149-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "foobar2000" = foobar2000 v0.9.5.6 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-01-28 14:50:11 | Computer Name = TWOJA-9D184A9B8 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.1.3622, moduł powodujący błąd questservice.dll, wersja 0.0.0.0, adres błędu 0x00003b02. Error - 2010-01-29 04:05:14 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-29 14:54:17 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-29 18:25:37 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-01-30 14:53:49 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 14:53:49 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 14:53:51 | Computer Name = TWOJA-9D184A9B8 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AcroRd32.exe, wersja 7.0.8.218, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-01-30 19:15:37 | Computer Name = TWOJA-9D184A9B8 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd gg.exe, wersja 10.0.0.10547, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-01-30 19:18:03 | Computer Name = TWOJA-9D184A9B8 | Source = ASWLSVC | ID = 0 Description = Error - 2010-01-31 16:37:46 | Computer Name = TWOJA-9D184A9B8 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2010-01-31 16:31:49 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:49 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa BrSplService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7031 Description = Usługa Urządzenie mobilne Apple niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa ASWLSVC niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa BlueSoleil Hid Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa Automatic LiveUpdate Scheduler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7031 Description = Usługa Eset Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-01-31 16:31:50 | Computer Name = TWOJA-9D184A9B8 | Source = Service Control Manager | ID = 7034 Description = Usługa QuestService Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

Dodano Dzisiaj, 21:48:
teraz, po zrobieniu tego na pulpicie mam jakieś dziwne ikony, nie wiem skąd, AlbumArt ... się zwą, co mam z nimi zrobić?

Dodano Dzisiaj, 21:52:
pilki zniknęły, same z siebie. pytanie odwołane. ;p

**Posty:** 18165 · przez **wojtas** 01 Lut 2010, 13:41

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie ) i daj raport ze skanu

**Posty:** 6 · przez **eMbe87** 01 Lut 2010, 18:34

co do optymalizacji windowsa, mam zrobić wszystkie 10 punktów? czy jak zrobiłam pierwsze dwa, to wystarczy?

Dodano Dzisiaj, 18:09:
nie wiem + nie mogę znaleźć loga ze skanu tego programu,bo jak skończył skanować i usunął pliki które dało się usunąć to kazał uruchomić ponownie komputer aby coś tam zrobić z tymi plikami których usunąć nie można było i nie wiem jak go wyszukać.

Dodano Dzisiaj, 18:17:
znalazłam!

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.44 Wersja bazy definicji: 3672 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 2010-02-01 17:47:37 mbam-log-2010-02-01 (17-47-37).txt Typ skanowania: Szybkie skanowanie Przeskanowane obiekty: 104723 Upłynęło: 4 minute(s), 12 second(s) Zainfekowane procesy w pamięci: 1 Zainfekowane moduły pamięci: 1 Zainfekowane klucze rejestru: 57 Zainfekowane wartości rejestru: 1 Zainfekowane pliki rejestru: 6 Zainfekowane foldery: 5 Zainfekowane pliki: 59 Zainfekowane procesy w pamięci: C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe (Adware.Agent) -> Unloaded process successfully. Zainfekowane moduły pamięci: C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Delete on reboot. Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenU) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenU) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully. Zainfekowane pliki rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Zainfekowane foldery: C:\Program Files\Save (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU (Adware.WhenU) -> Quarantined and deleted successfully. C:\Program Files\Internet Today (Adware.Agent) -> Delete on reboot. C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> Delete on reboot. C:\Documents and Settings\All Users\Dane aplikacji\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully. Zainfekowane pliki: C:\Program Files\Save\ACM.dll (Adware.WhenU) -> Quarantined and deleted successfully. C:\mranjm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\l61yyp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\rg9g9bgq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\t2hjo0.exe (Worm.Taterf) -> Quarantined and deleted successfully. C:\sp1jensi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\ctu8r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\f9o8o.exe (Worm.Taterf) -> Quarantined and deleted successfully. C:\r2g20.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\1di1w.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\vlvtdflx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\ycvvj.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\s3ek.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\wcgswa.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\b00ijwpu.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\eexyv.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\hjvjte.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\3n8awsyg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\uqgvf.exe (Worm.Taterf) -> Quarantined and deleted successfully. C:\a2g21.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\vk0w.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\g12g.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\pbudsara.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\6ruaqx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\9g86.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\lphfa.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\curqp.exe (Worm.Taterf) -> Quarantined and deleted successfully. C:\i9bwjpqc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\wu1n.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\ngp8l.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\wfx062.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\q3kku.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\mbdm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\mbvd.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\k8jc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\2id9.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\anoataly.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\Program Files\Save\ffext.mod (Adware.WhenU) -> Quarantined and deleted successfully. C:\Program Files\Save\Save.exe (Adware.WhenU) -> Quarantined and deleted successfully. C:\Program Files\Save\save.htm (Adware.WhenU) -> Quarantined and deleted successfully. C:\Program Files\Save\SaveUninst.exe (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU\Learn More About WhenU Save.url (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU\Learn More About WhenU SaveNow.url (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU\WhenU.com Website.url (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU\Uninstall Instructions.lnk (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Madzia\Menu Start\Programy\WhenU\Customer Support.lnk (Adware.WhenU) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe (Adware.Agent) -> Delete on reboot. C:\Program Files\Internet Today\1.1.0.1190\PixelLogExe.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Delete on reboot. C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice139.exe (Adware.DoubleD) -> Quarantined and deleted successfully. C:\0qw6vege.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\mje12tni.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\opdux.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.

**Posty:** 18165 · przez **wojtas** 01 Lut 2010, 21:17

powinno być ok

**Posty:** 6 · przez **eMbe87** 01 Lut 2010, 21:51

dziekuje, dziekuje, dziekuje!

Kto jest na forum