Problem z wyskakującymi reklamami i zamuleniem kompa

**Posty:** 2 · przez **offek** 26 Sty 2011, 19:16

od wczoraj mam mały problem po instalacji autocada 2010 otworzylem pewien plik info dotyczący cracka i od tego momentu same wyskakuja mi reklamy z IE chociaż że moja domyślną przeglądarką jest opera pozatym zauważyłem że zaczyna mi mulić kompa gdy korzystam z innych programów czy ogólnie korzystam z jakiejs gry pod spodem wstawiam loga
Gmer

Kod: Zaznacz wszystko: GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2011-01-26 19:49:44 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\00000075 SAMSUNG_HD642JJ rev.1AA01113 Running: gmer.exe; Driver: C:\DOCUME~1\USER\USTAWI~1\Temp\axlyifog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0x9FE9C6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0x9FE9C574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0x9FE9CA52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0x9FE9C14C] SSDT spvh.sys ZwEnumerateKey [0xB9EC6CA2] SSDT spvh.sys ZwEnumerateValueKey [0xB9EC7030] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0x9FE9C64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0x9FE9C08C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0x9FE9C0F0] SSDT spvh.sys ZwQueryKey [0xB9EC7108] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0x9FE9C76E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0x9FE9C72E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0x9FE9C8AE] INT 0x63 ? 8A413BF8 INT 0x73 ? 8A413BF8 INT 0x82 ? 8A3A7BF8 INT 0x94 ? 8A14ABF8 ---- Kernel code sections - GMER 1.0.15 ---- ? spvh.sys Nie można odnaleźć określonego pliku. ! .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8133000, 0x1C5D58, 0xE8000020] .text USBPORT.SYS!DllUnload B80FE8AC 5 Bytes JMP 8A14A1D8 .text am12z1qd.SYS B7975386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text am12z1qd.SYS B79753AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text am12z1qd.SYS B79753C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH} .text am12z1qd.SYS B79753C9 1 Byte [2E] .text am12z1qd.SYS B79753C9 11 Bytes [2E, 00, 00, 00, 5C, 02, 00, ...] {ADD CS:[EAX], AL; ADD [EDX+EAX+0x0], BL; ADD [EAX], AL; ADD [EAX], AL} .text ... init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xA33ABA00] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] spvh.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] spvh.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] spvh.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] spvh.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] spvh.sys IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KfAcquireSpinLock] 4B8BDF8B IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!READ_PORT_UCHAR] 8D3F0304 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KeGetCurrentIrql] CB033043 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KfRaiseIrql] 0673C13B IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KfLowerIrql] C13B0003 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!HalGetInterruptVector] 8366FA72 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!HalTranslateBusAddress] 75000E7B IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KeStallExecutionProcessor] 0B7D80E3 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!KfReleaseSpinLock] 307B8D00 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00AA840F IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 6A000E7A IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[HAL.dll!WRITE_PORT_UCHAR] C6647400 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[WMILIB.SYS!WmiSystemControl] 4F8B0200 IAT \SystemRoot\System32\Drivers\am12z1qd.SYS[WMILIB.SYS!WmiCompleteRequest] 968D5140 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[832] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002 IAT C:\WINDOWS\system32\services.exe[832] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000 IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\OLE32.DLL [USER32.dll!CreateWindowExA] [00419F13] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\OLE32.DLL [USER32.dll!CreateWindowExW] [00419F8B] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\OLE32.DLL [USER32.dll!DialogBoxParamW] [0041A11D] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\OLE32.DLL [USER32.dll!MessageBoxW] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\OLE32.DLL [USER32.dll!ShowWindow] [0041A003] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!CreateWindowExW] [00419F8B] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!MessageBoxW] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!SetWindowPos] [0041A0B1] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!DialogBoxParamW] [0041A11D] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [0041A11D] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [0041A11D] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00419F13] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00419F8B] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!MessageBoxA] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!MessageBoxIndirectA] [0041A117] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!MessageBoxIndirectW] [0041A117] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [0041A0B1] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [0041A003] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [00419F8B] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DialogBoxParamW] [0041A11D] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [0041A003] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [0041A0B1] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!MessageBoxW] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!MessageBoxA] [0041A129] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\WINDOWS\Ymelob.exe[1856] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!MessageBoxIndirectW] [0041A117] C:\WINDOWS\Ymelob.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\OLE32.dll [USER32.dll!CreateWindowExA] [0041B08D] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\OLE32.dll [USER32.dll!CreateWindowExW] [0041B107] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\OLE32.dll [USER32.dll!ShowWindow] [0041B181] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!CreateWindowExW] [0041B107] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [0041B233] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [0041B08D] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [0041B107] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [0041B233] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [0041B181] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [0041B107] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [0041B181] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe[4848] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [0041B233] C:\DOCUME~1\USER\USTAWI~1\Temp\Yth.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExA] [00412F7F] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExW] [00412FF7] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!ShowWindow] [0041306F] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!CreateWindowExW] [00412FF7] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!SetWindowPos] [0041311D] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00412F7F] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00412FF7] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [0041311D] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [0041306F] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [00412FF7] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [0041306F] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) IAT C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe[5456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [0041311D] C:\DOCUME~1\USER\USTAWI~1\Temp\Ytm.exe (Windows Setup API/Avira GmbH) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8A4111F8 AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\usbohci \Device\USBPDO-0 8A0991F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A4141F8 Device \Driver\dmio \Device\DmControl\DmConfig 8A4141F8 Device \Driver\dmio \Device\DmControl\DmPnP 8A4141F8 Device \Driver\dmio \Device\DmControl\DmInfo 8A4141F8 Device \Driver\usbehci \Device\USBPDO-1 8A03E1F8 Device \Driver\sptd \Device\2611999402 spvh.sys Device \Driver\PCI_PNP8152 \Device\00000053 spvh.sys AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\Ftdisk \Device\HarddiskVolume1 8A3A81F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8A3A81F8 Device \Driver\Cdrom \Device\CdRom0 8A0E9500 Device \Driver\atapi \Device\Ide\IdePort0 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-5 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Cdrom \Device\CdRom1 8A0E9500 Device \Driver\Ftdisk \Device\HarddiskVolume3 8A3A81F8 Device \Driver\Cdrom \Device\CdRom2 8A0E9500 Device \Driver\nvata \Device\00000075 8A4131F8 Device \Driver\Cdrom \Device\CdRom3 8A0E9500 Device \Driver\nvata \Device\00000076 8A4131F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 8A141500 Device \Driver\NetBT \Device\NetbiosSmb 8A141500 Device \Driver\USBSTOR \Device\00000095 89E81318 AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\usbohci \Device\USBFDO-0 8A0991F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{A9642B98-DB5A-42A5-B573-7BE00B586861} 8A141500 Device \Driver\usbehci \Device\USBFDO-1 8A03E1F8 Device \Driver\nvata \Device\NvAta0 8A4131F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A129430 Device \Driver\nvata \Device\NvAta1 8A4131F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A129430 Device \Driver\Ftdisk \Device\FtControl 8A3A81F8 Device \Driver\USBSTOR \Device\0000008b 89E81318 Device \Driver\am12z1qd \Device\Scsi\am12z1qd1Port4Path0Target0Lun0 8A01E1F8 Device \Driver\am12z1qd \Device\Scsi\am12z1qd1 8A01E1F8 Device \Driver\am12z1qd \Device\Scsi\am12z1qd1Port4Path0Target1Lun0 8A01E1F8 Device \FileSystem\Cdfs \Cdfs 8A10F500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA1 0xB2 0x32 0x47 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7C 0xC1 0x49 0xDD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xB9 0x2B 0xAF 0x12 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x3B 0x46 0x44 0xBC ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA1 0xB2 0x32 0x47 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7C 0xC1 0x49 0xDD ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xB9 0x2B 0xAF 0x12 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x3B 0x46 0x44 0xBC ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher@TracesProcessed 184 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F997DBE9-E53D-770F-0559-DCDF0FDCFBEA} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F997DBE9-E53D-770F-0559-DCDF0FDCFBEA}@abmajpjobenkkjagemhlhcdjlhcndgfdel 0x61 0x61 0x00 0x00 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F997DBE9-E53D-770F-0559-DCDF0FDCFBEA}@bbmajpjobenkkjagemolgcopbhllkedpmkeo 0x61 0x61 0x00 0x00 ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\cache\opr0J03M 1306 bytes File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\cache\opr0J03N 7263 bytes File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\cache\opr0J03O 2265 bytes File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\cache\opr0J03P 25 bytes File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\cache\opr0J03Q 25 bytes File C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Opera\Opera\opcache\opr0J03T 403 bytes ---- EOF - GMER 1.0.15 ----

OTl 1

Kod: Zaznacz wszystko: OTL logfile created on: 2011-01-26 18:43:35 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\USER\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 98,13 Gb Total Space | 69,05 Gb Free Space | 70,36% Space Free | Partition Type: NTFS Drive D: | 397,42 Gb Total Space | 282,90 Gb Free Space | 71,18% Space Free | Partition Type: NTFS Drive E: | 100,62 Gb Total Space | 93,55 Gb Free Space | 92,97% Space Free | Partition Type: NTFS Computer Name: STACJONARYN | User Name: USER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe PRC - [2011-01-25 21:39:13 | 000,189,952 | ---- | M] (Avira GmbH) -- C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Ytm.exe PRC - [2011-01-25 21:39:06 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe PRC - [2011-01-25 21:38:19 | 000,193,024 | ---- | M] (Avira GmbH) -- C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Yth.exe PRC - [2010-11-16 22:36:46 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\games\Steam\steam.exe PRC - [2010-11-08 10:32:38 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\gmer.exe PRC - [2010-06-16 12:47:42 | 002,373,992 | ---- | M] (Mobile Leader Co.,Ltd.) -- C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe PRC - [2010-02-09 16:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe PRC - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-10-30 12:49:18 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE PRC - [2009-08-28 12:13:02 | 000,832,808 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-03-23 17:02:50 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe PRC - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2008-09-19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2008-06-03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-04-23 03:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2007-04-11 14:32:22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe PRC - [2006-12-18 21:34:36 | 000,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 07:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2006-02-17 10:40:36 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe PRC - [2006-02-17 10:39:02 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe PRC - [2006-02-17 10:35:58 | 000,127,035 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-02-17 10:35:42 | 000,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-02-17 10:17:08 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2003-04-06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe PRC - [2003-04-06 00:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-07-12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2007-04-23 03:00:00 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll MOD - [2007-04-23 03:00:00 | 000,045,568 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-06 10:50:45 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai) SRV - [2010-12-10 14:57:03 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-10 21:59:00 | 003,654,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2010-01-26 22:47:12 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-10-30 12:49:18 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2008-12-23 16:35:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006-02-17 10:39:02 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2006-02-17 10:35:58 | 000,127,035 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-02-17 10:35:42 | 000,061,503 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-02-17 10:17:08 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) SRV - [2003-04-07 07:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Disabled | Running] -- -- (sptd) DRV - [2010-03-30 08:24:52 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-03-30 08:24:52 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-03-30 08:24:50 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-03-30 08:24:48 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-10-30 12:49:18 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2009-09-29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-09-29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-09-29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009-05-27 16:10:00 | 000,024,704 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgFtXp.sys -- (TKRgFt) DRV - [2009-05-13 16:54:20 | 000,080,672 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsFt2k.sys -- (TKFsFt) DRV - [2009-05-13 16:54:20 | 000,041,984 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgAc2k.sys -- (TKRgAc) DRV - [2009-04-21 08:06:20 | 000,088,864 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAc2k.sys -- (TKFsAc) DRV - [2009-04-21 08:06:20 | 000,031,488 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAv2k.sys -- (TKFsAv) DRV - [2009-02-25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-02-17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2009-02-04 03:31:17 | 000,170,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW) DRV - [2008-12-23 16:35:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2008-09-15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-09-15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-09-15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-05-02 07:48:37 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2008-04-13 23:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-04-11 15:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007-04-11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007-04-11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2007-04-11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007-01-16 09:09:06 | 000,293,888 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-03-17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2006-02-17 10:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-02-17 10:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-01-27 14:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2004-10-15 04:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-03-26 15:07:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2010-07-14 15:40:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-12 11:01:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-12 11:01:32 | 000,000,000 | ---D | M] [2009-03-25 22:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Extensions [2011-01-23 02:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\extensions [2010-01-06 14:51:15 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\extensions\DTToolbar@toolbarnet.com [2009-06-02 19:11:52 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\searchplugins\daemon-search.xml [2011-01-23 02:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-16 11:21:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2009-03-24 22:35:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-07-14 15:40:31 | 000,000,000 | ---D | M] (LG Air Sync) -- C:\PROGRAM FILES\LG ELECTRONICS\LG PC SUITE IV\LINKAIR\{00ADD29A-66F4-4F22-BCC0-4C1D29DA647B} [2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-12-21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2009-08-24 20:19:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [CE8SIIFGSU] C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Yth.exe (Avira GmbH) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKCU..\Run: [LG LinkAir] C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe (Mobile Leader Co.,Ltd.) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKCU..\Run: [Steam] D:\games\steam\steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) O4 - Startup: C:\Documents and Settings\USER\Menu Start\Programy\Autostart\Rejestracja produktu Logitech.lnk = File not found O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync Option - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\games\poker\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\games\poker\PartyPoker\RunApp.exe () O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-01 22:11:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2009-03-24 21:06:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-04-14 20:58:08 | 000,012,551 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-01-26 22:34:32 | 000,000,000 | ---D | M] - D:\AUTOCAD 2008 -- [ NTFS ] O32 - AutoRun File - [2010-12-10 14:35:40 | 000,000,000 | ---D | M] - D:\AutoCad 2010 -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{2728132c-d151-11de-b4c7-0017317fff0a}\Shell\AutoRun\command - "" = J:\Tender\InterPol\NkeY.exe O33 - MountPoints2\{2728132c-d151-11de-b4c7-0017317fff0a}\Shell\open\command - "" = J:\Tender\InterPol\NkeY.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\AutoRun\command - "" = ljutis\\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\explore\command - "" = ljutis\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\install\command - "" = ljutis\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\open\command - "" = ljutis\drugom.exe O33 - MountPoints2\{81cfde97-18b9-11de-b322-0017317fff0a}\Shell - "" = AutoRun O33 - MountPoints2\{81cfde97-18b9-11de-b322-0017317fff0a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-01-26 18:35:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe [2011-01-26 18:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Menu Start\Programy\HiJackThis [2011-01-26 18:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-01-26 17:54:52 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2011-01-25 23:22:00 | 000,199,168 | ---- | C] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe [2011-01-25 21:38:29 | 000,199,168 | ---- | C] (Avira GmbH) -- C:\WINDOWS\Ymeloa.exe [2011-01-23 00:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Pulpit\Studniowka Żaby [2009-04-18 08:26:03 | 000,270,128 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe [2011-01-26 18:33:17 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 18:30:36 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 18:27:28 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-01-26 18:07:03 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\HiJackThis.lnk [2011-01-26 18:01:05 | 002,855,080 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\aawsepersonal(programosy.pl).exe [2011-01-26 16:46:20 | 028,404,616 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\Nowy folder.rar [2011-01-26 16:42:32 | 002,366,976 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\beton all.doc [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\Snfeb.job [2011-01-26 15:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-25 23:20:30 | 000,352,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-25 22:33:42 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-25 21:39:42 | 000,079,360 | RHS- | M] () -- C:\WINDOWS\System32\imagehlpj.dll [2011-01-25 21:39:06 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe [2011-01-25 21:38:16 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymeloa.exe [2011-01-25 21:29:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-25 21:13:11 | 000,361,464 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\zagospodarowanie.dwg [2011-01-20 20:00:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-01-10 13:24:18 | 000,266,757 | ---- | M] () -- C:\acadminidump.dmp [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-26 18:24:13 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\gmer.exe [2011-01-26 18:02:58 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\HiJackThis.lnk [2011-01-26 18:00:30 | 002,855,080 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\aawsepersonal(programosy.pl).exe [2011-01-26 16:42:46 | 028,404,616 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\Nowy folder.rar [2011-01-26 16:42:13 | 002,366,976 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\beton all.doc [2011-01-25 21:39:42 | 000,079,360 | RHS- | C] () -- C:\WINDOWS\System32\imagehlpj.dll [2011-01-25 21:39:42 | 000,000,302 | -HS- | C] () -- C:\WINDOWS\tasks\Snfeb.job [2011-01-25 21:38:33 | 000,000,278 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-01-25 21:38:28 | 000,000,278 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-25 21:38:19 | 000,000,244 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-25 21:13:11 | 000,361,464 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\zagospodarowanie.dwg [2010-11-14 21:03:50 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010-11-04 00:26:53 | 000,697,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-07-28 15:39:05 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2010-06-15 02:29:18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys [2010-04-21 17:44:42 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-23 14:58:50 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini [2009-11-27 14:50:22 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2009-08-16 19:54:00 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2009-08-15 13:32:01 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2009-06-18 17:39:11 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\sn3win.dll [2009-05-15 08:29:08 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\USER\Dane aplikacji\setup_ldm.iss [2009-03-26 20:40:42 | 000,001,259 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-03-26 14:56:49 | 000,000,262 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2009-03-24 23:59:16 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-03-24 22:29:58 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-03-24 21:54:45 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-03-24 21:40:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2008-12-23 16:33:18 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-05-03 08:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007-03-29 22:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2003-04-07 07:21:58 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [color=#E56717]========== LOP Check ==========[/color] [2011-01-25 21:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-06-02 19:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-04-13 18:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverScanner [2009-08-07 18:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-03-26 15:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-13 23:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-01-10 00:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-04-13 18:47:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{66E2F539-12B6-4870-A500-7689CDE75C5E} [2010-12-10 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Autodesk [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools [2009-06-02 18:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Lite [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Pro [2010-10-01 14:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\FOG Downloader [2009-03-25 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu [2009-12-14 11:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu 10 [2009-10-30 12:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\InterTrust [2010-05-03 10:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\ipla [2009-03-26 15:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Leadertech [2010-01-10 00:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nokia [2009-04-29 16:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nowe Gadu-Gadu [2010-01-06 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Opera [2010-01-10 00:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\PC Suite [2009-04-13 18:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Uniblue [2011-01-09 15:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\uTorrent [2009-09-01 11:49:10 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1243766894.job [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\Snfeb.job [2011-01-26 18:30:36 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 18:33:17 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 18:27:28 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\WINDOWS:B758B28ADAE55430 < End of report >

OTL 2

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-01-26 18:43:36 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\USER\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 98,13 Gb Total Space | 69,05 Gb Free Space | 70,36% Space Free | Partition Type: NTFS Drive D: | 397,42 Gb Total Space | 282,90 Gb Free Space | 71,18% Space Free | Partition Type: NTFS Drive E: | 100,62 Gb Total Space | 93,55 Gb Free Space | 92,97% Space Free | Partition Type: NTFS Computer Name: STACJONARYN | User Name: USER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .scr [@ = AutoCADScriptFile] -- C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1037:TCP" = 1037:TCP:*:Enabled:Akamai NetSession Interface "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation) "H:\games\Steam\steamapps\common\trackmania nations forever\TmForever.exe" = H:\games\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever "H:\games\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe" = H:\games\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever "J:\Program Files\uTorrent\uTorrent.exe" = J:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Documents and Settings\USER\Pulpit\uTorrent.exe" = C:\Documents and Settings\USER\Pulpit\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\uTorrent.exe" = C:\Program Files\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\games\Steam\Steam.exe" = D:\games\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\games\Steam\steamapps\kopiec\counter-strike\hl.exe" = D:\games\Steam\steamapps\kopiec\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20 "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration "{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New "{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper "{5783F2D7-0201-0415-0002-0060B0CE6BBA}" = AutoCAD 2004 "{5783F2D7-0211-0409-0000-0060B0CE6BBA}" = AutoCAD Express Tools Volumes 1-9 "{5783F2D7-0221-0409-0000-0060B0CE6BBA}" = DWG TrueConvert™ "{5783F2D7-6001-0415-0002-0060B0CE6BBA}" = AutoCAD 2008 - Polski "{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite "{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing "{5D309203-37B7-498A-B2CA-838E9FFD562B}" = Ventrilo Mix "{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6816248D-510A-45F8-AC79-24FF2C3A5D7F}" = LG Android Platform Drivers "{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full "{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One Sterowniki "{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{7EE9145D-C430-44E6-B5ED-61FF9C332100}_is1" = Battle of the Immortals "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B089D25-9CBF-4E84-BBFC-713A8F7F78B9}" = nProtect Security Platform 2007 "{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer "{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011 "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{B47B025C-11F5-498A-8C90-0B487C78B58C}_is1" = Rappelz "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009 "{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation "{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Twierdza "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light "{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F4933D9F-89CC-4CA9-B5B0-CF32968890C7}" = BookScan&Whiteboard Suite "{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu "{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}" = FaceFilter Studio Brother Edition "{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W "{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 7.01.0.1) "6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 3.9) "7-Zip" = 7-Zip 4.65 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "AutoCAD 2008 - Polski" = AutoCAD 2008 - Polski "Autodesk Design Review 2011" = Autodesk Design Review 2011 "avast!" = avast! Antivirus "Bilard 3D" = Bilard 3D 2.1 "CABAL Online (Europe)_is1" = CABAL Online "CABAL Online: Illusion Castle Patch_is1" = Cabal Online Europe - Illusion Castle "Cain & Abel v4.9.31" = Cain & Abel v4.9.31 "CCleaner" = CCleaner (remove only) "CdaC13Ba" = SafeCast Shared Components "CloneCD" = CloneCD "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "EADM" = EA Download Manager "eMule" = eMule "FlashGet" = FlashGet 1.9.6.1073 "Gadu-Gadu" = Gadu-Gadu 7.7 "GAMEFORGE Nostale(PL)_is1" = Nostale Online PL (Remove) "Guild Wars" = Guild Wars "Heroes of Might and Magic® III" = Heroes of Might and Magic® III "HP PSC 1200 Series" = Nawigator obrazów i fotografii HP 2.0 - hp psc 1200 series "ICCup Launcher_is1" = ICCup Launcher "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "Kalkulator geodezyjny" = Kalkulator geodezyjny "LG PC Suite IV" = LG PC Suite IV "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16) "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "PartyPoker" = PartyPoker "PFConfig" = PFConfig 1.0.232 "PFPortChecker" = PFPortChecker 1.0.28 "Picasa 3" = Picasa 3 "PITy 2009_is1" = PITy 2009 dla Windows kompilacja:1.1.2.7 "RealAlt_is1" = Real Alternative 2.0.2 "ST6UNST #1" = HLTooLz "StarCraft Brood War by Monikon 1.16.1" = StarCraft Brood War by Monikon 1.16.1 "Steam App 10" = Counter-Strike "SubEdit-Player_is1" = SubEdit-Player "Talisman Online_is1" = Talisman Online Ver.1534 "Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Winamp" = Winamp "WinPcapInst" = WinPcap 4.1 beta5 "WinRAR archiver" = Archiwizator WinRAR "Worms Armageddon" = Worms Armageddon "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 "XP Codec Pack" = XP Codec Pack "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2011-01-22 16:00:45 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\DIOORVZF.DEFAULT\PREFS.JS failed, 00000005. Error - 2011-01-24 09:16:59 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\DIOORVZF.DEFAULT\PREFS.JS failed, 00000005. Error - 2011-01-24 09:17:00 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\AśKA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\SNGTEH9D.DEFAULT\PREFS.JS failed, 00000005. Error - 2011-01-25 03:53:10 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\DIOORVZF.DEFAULT\PREFS.JS failed, 00000005. Error - 2011-01-25 18:21:05 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\imagehlpj.dll failed, 00000005. Error - 2011-01-26 04:16:44 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\imagehlpj.dll failed, 00000005. Error - 2011-01-26 05:40:22 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\imagehlpj.dll failed, 00000005. Error - 2011-01-26 07:16:12 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\imagehlpj.dll failed, 00000005. Error - 2011-01-26 11:00:03 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\imagehlpj.dll failed, 00000005. Error - 2011-01-26 13:45:35 | Computer Name = STACJONARYN | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\System32\imagehlpj.dll failed, 00000005. [ Application Events ] Error - 2010-12-21 07:42:51 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:51.109]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:52 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:52.140]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:53 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:53.171]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:54 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:54.203]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:55 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:55.234]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:56 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:56.265]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:57 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:57.296]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-12-21 07:42:58 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/12/21 12:42:58.328]: [00000748]: CUsbScnDev: DeviceIoControl Illegal response Error - 2011-01-19 03:49:46 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2011/01/19 08:49:46.781]: [00002024]: CUsbScnDev: DeviceIoControl Illegal response Error - 2011-01-20 13:01:11 | Computer Name = STACJONARYN | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2011/01/20 18:01:11.125]: [00002248]: CUsbScnDev: DeviceIoControl Illegal response [ System Events ] Error - 2011-01-25 02:26:38 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 03:48:47 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 04:25:50 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 08:00:41 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 12:39:17 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 16:07:26 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-25 16:47:20 | Computer Name = STACJONARYN | Source = DCOM | ID = 10010 Description = Serwer {A41EC24F-7598-47E2-AFDF-01B8BAB33352} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2011-01-25 16:47:58 | Computer Name = STACJONARYN | Source = DCOM | ID = 10010 Description = Serwer {A41EC24F-7598-47E2-AFDF-01B8BAB33352} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2011-01-26 04:16:27 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-01-26 07:15:54 | Computer Name = STACJONARYN | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie 0017317FFF0A został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). < End of report >

**Posty:** 12734 · przez **Mikou@j** 26 Sty 2011, 19:16

Przeczytaj obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html.
3 logi potrzebne. Odpowiednia nazwa tematu. Bo na razie to :lipa:

**Posty:** 2 · przez **offek** 26 Sty 2011, 19:19

przepraszam dopiero co zarejestrowałem się tutaj z powodu tego właśnie problemu zaraz poprawie

Dodano Dzisiaj, 19:56:
Tamto byl pierwszy log a teraz wstawiam drugi

Kod: Zaznacz wszystko: OTL logfile created on: 2011-01-26 19:54:41 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\USER\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 98,13 Gb Total Space | 69,03 Gb Free Space | 70,35% Space Free | Partition Type: NTFS Drive D: | 397,42 Gb Total Space | 282,90 Gb Free Space | 71,18% Space Free | Partition Type: NTFS Drive E: | 100,62 Gb Total Space | 93,55 Gb Free Space | 92,97% Space Free | Partition Type: NTFS Computer Name: STACJONARYN | User Name: USER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe PRC - [2011-01-25 21:39:13 | 000,189,952 | ---- | M] (Avira GmbH) -- C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Ytm.exe PRC - [2011-01-25 21:39:06 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe PRC - [2011-01-25 21:38:19 | 000,193,024 | ---- | M] (Avira GmbH) -- C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Yth.exe PRC - [2010-11-16 22:36:46 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\games\Steam\steam.exe PRC - [2010-06-16 12:47:42 | 002,373,992 | ---- | M] (Mobile Leader Co.,Ltd.) -- C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe PRC - [2010-02-09 16:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe PRC - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-10-30 12:49:18 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE PRC - [2009-08-28 12:13:02 | 000,832,808 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-03-23 17:02:50 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe PRC - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2008-09-19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2008-06-03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-04-23 03:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2007-04-11 14:32:22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe PRC - [2006-12-18 21:34:36 | 000,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 07:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2006-02-17 10:40:36 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe PRC - [2006-02-17 10:39:02 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe PRC - [2006-02-17 10:35:58 | 000,127,035 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-02-17 10:35:42 | 000,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-02-17 10:17:08 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2003-04-06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe PRC - [2003-04-06 00:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-07-12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2007-04-23 03:00:00 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll MOD - [2007-04-23 03:00:00 | 000,045,568 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-06 10:50:45 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai) SRV - [2010-12-10 14:57:03 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-10 21:59:00 | 003,654,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2010-01-26 22:47:12 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-10-30 12:49:18 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2008-12-23 16:35:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006-02-17 10:39:02 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2006-02-17 10:35:58 | 000,127,035 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-02-17 10:35:42 | 000,061,503 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-02-17 10:17:08 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) SRV - [2003-04-07 07:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Disabled | Running] -- -- (sptd) DRV - [2010-03-30 08:24:52 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-03-30 08:24:52 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-03-30 08:24:50 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-03-30 08:24:48 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-10-30 12:49:18 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2009-09-29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-09-29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-09-29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009-05-27 16:10:00 | 000,024,704 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgFtXp.sys -- (TKRgFt) DRV - [2009-05-13 16:54:20 | 000,080,672 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsFt2k.sys -- (TKFsFt) DRV - [2009-05-13 16:54:20 | 000,041,984 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgAc2k.sys -- (TKRgAc) DRV - [2009-04-21 08:06:20 | 000,088,864 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAc2k.sys -- (TKFsAc) DRV - [2009-04-21 08:06:20 | 000,031,488 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAv2k.sys -- (TKFsAv) DRV - [2009-02-25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-02-17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2009-02-04 03:31:17 | 000,170,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW) DRV - [2008-12-23 16:35:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2008-09-15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-09-15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-09-15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-05-02 07:48:37 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2008-04-13 23:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-04-11 15:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2007-04-11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007-04-11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2007-04-11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007-01-16 09:09:06 | 000,293,888 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-03-17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2006-02-17 10:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-02-17 10:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-01-27 14:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2004-10-15 04:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-03-26 15:07:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2010-07-14 15:40:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-12 11:01:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-12 11:01:32 | 000,000,000 | ---D | M] [2009-03-25 22:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Extensions [2011-01-23 02:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\extensions [2010-01-06 14:51:15 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\extensions\DTToolbar@toolbarnet.com [2009-06-02 19:11:52 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\searchplugins\daemon-search.xml [2011-01-23 02:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-16 11:21:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2009-03-24 22:35:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-07-14 15:40:31 | 000,000,000 | ---D | M] (LG Air Sync) -- C:\PROGRAM FILES\LG ELECTRONICS\LG PC SUITE IV\LINKAIR\{00ADD29A-66F4-4F22-BCC0-4C1D29DA647B} [2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-12-21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2009-08-24 20:19:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [CE8SIIFGSU] C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Yth.exe (Avira GmbH) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKCU..\Run: [LG LinkAir] C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe (Mobile Leader Co.,Ltd.) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKCU..\Run: [Steam] D:\games\steam\steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) O4 - Startup: C:\Documents and Settings\USER\Menu Start\Programy\Autostart\Rejestracja produktu Logitech.lnk = File not found O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync Option - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\games\poker\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\games\poker\PartyPoker\RunApp.exe () O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-01 22:11:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2009-03-24 21:06:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-04-14 20:58:08 | 000,012,551 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-01-26 22:34:32 | 000,000,000 | ---D | M] - D:\AUTOCAD 2008 -- [ NTFS ] O32 - AutoRun File - [2010-12-10 14:35:40 | 000,000,000 | ---D | M] - D:\AutoCad 2010 -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-01-26 17:54:52 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{2728132c-d151-11de-b4c7-0017317fff0a}\Shell\AutoRun\command - "" = J:\Tender\InterPol\NkeY.exe O33 - MountPoints2\{2728132c-d151-11de-b4c7-0017317fff0a}\Shell\open\command - "" = J:\Tender\InterPol\NkeY.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\AutoRun\command - "" = ljutis\\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\explore\command - "" = ljutis\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\install\command - "" = ljutis\drugom.exe O33 - MountPoints2\{56c10ea5-8119-11df-b762-0017317fff0a}\Shell\open\command - "" = ljutis\drugom.exe O33 - MountPoints2\{81cfde97-18b9-11de-b322-0017317fff0a}\Shell - "" = AutoRun O33 - MountPoints2\{81cfde97-18b9-11de-b322-0017317fff0a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-01-26 18:35:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe [2011-01-26 18:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Menu Start\Programy\HiJackThis [2011-01-26 18:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-01-26 17:54:52 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2011-01-25 23:22:00 | 000,199,168 | ---- | C] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe [2011-01-25 21:38:29 | 000,199,168 | ---- | C] (Avira GmbH) -- C:\WINDOWS\Ymeloa.exe [2011-01-23 00:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Pulpit\Studniowka Żaby [2009-04-18 08:26:03 | 000,270,128 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-01-26 19:41:17 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 19:39:21 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 19:24:15 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe [2011-01-26 18:07:03 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\HiJackThis.lnk [2011-01-26 18:01:05 | 002,855,080 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\aawsepersonal(programosy.pl).exe [2011-01-26 16:46:20 | 028,404,616 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\Nowy folder.rar [2011-01-26 16:42:32 | 002,366,976 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\beton all.doc [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\Snfeb.job [2011-01-26 15:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-25 23:20:30 | 000,352,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-25 22:33:42 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-25 21:39:42 | 000,079,360 | RHS- | M] () -- C:\WINDOWS\System32\imagehlpj.dll [2011-01-25 21:39:06 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe [2011-01-25 21:38:16 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymeloa.exe [2011-01-25 21:29:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-25 21:13:11 | 000,361,464 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\zagospodarowanie.dwg [2011-01-20 20:00:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-01-10 13:24:18 | 000,266,757 | ---- | M] () -- C:\acadminidump.dmp [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-26 18:24:13 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\gmer.exe [2011-01-26 18:02:58 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\HiJackThis.lnk [2011-01-26 18:00:30 | 002,855,080 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\aawsepersonal(programosy.pl).exe [2011-01-26 16:42:46 | 028,404,616 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\Nowy folder.rar [2011-01-26 16:42:13 | 002,366,976 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\beton all.doc [2011-01-25 21:39:42 | 000,079,360 | RHS- | C] () -- C:\WINDOWS\System32\imagehlpj.dll [2011-01-25 21:39:42 | 000,000,302 | -HS- | C] () -- C:\WINDOWS\tasks\Snfeb.job [2011-01-25 21:38:33 | 000,000,278 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-01-25 21:38:28 | 000,000,278 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-25 21:38:19 | 000,000,244 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-25 21:13:11 | 000,361,464 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\zagospodarowanie.dwg [2010-11-14 21:03:50 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010-11-04 00:26:53 | 000,697,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-07-28 15:39:05 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2010-06-15 02:29:18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys [2010-04-21 17:44:42 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-23 14:58:50 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini [2009-11-27 14:50:22 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2009-08-16 19:54:00 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2009-08-15 13:32:01 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2009-06-18 17:39:11 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\sn3win.dll [2009-05-15 08:29:08 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\USER\Dane aplikacji\setup_ldm.iss [2009-03-26 20:40:42 | 000,001,259 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-03-26 14:56:49 | 000,000,262 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2009-03-24 23:59:16 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-03-24 22:29:58 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-03-24 21:54:45 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-03-24 21:40:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2008-12-23 16:33:18 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-05-03 08:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007-03-29 22:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2003-04-07 07:21:58 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [color=#E56717]========== LOP Check ==========[/color] [2011-01-25 21:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-06-02 19:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-04-13 18:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverScanner [2009-08-07 18:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-03-26 15:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-13 23:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-01-10 00:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-04-13 18:47:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{66E2F539-12B6-4870-A500-7689CDE75C5E} [2010-12-10 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Autodesk [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools [2009-06-02 18:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Lite [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Pro [2010-10-01 14:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\FOG Downloader [2009-03-25 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu [2009-12-14 11:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu 10 [2009-10-30 12:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\InterTrust [2010-05-03 10:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\ipla [2009-03-26 15:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Leadertech [2010-01-10 00:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nokia [2009-04-29 16:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nowe Gadu-Gadu [2010-01-06 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Opera [2010-01-10 00:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\PC Suite [2009-04-13 18:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Uniblue [2011-01-09 15:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\uTorrent [2009-09-01 11:49:10 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1243766894.job [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\Snfeb.job [2011-01-26 19:41:17 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 19:39:21 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 19:24:15 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\WINDOWS:B758B28ADAE55430 < End of report > [2011-01-26 19:41:17 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 19:39:21 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 19:24:15 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-01-26 18:35:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USER\Pulpit\OTL.exe [2011-01-26 18:07:03 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\HiJackThis.lnk [2011-01-26 18:01:05 | 002,855,080 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\aawsepersonal(programosy.pl).exe [2011-01-26 16:46:20 | 028,404,616 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\Nowy folder.rar [2011-01-26 16:42:32 | 002,366,976 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\beton all.doc [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\Snfeb.job [2011-01-26 15:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-25 23:20:30 | 000,352,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-25 22:33:42 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-25 21:39:42 | 000,079,360 | RHS- | M] () -- C:\WINDOWS\System32\imagehlpj.dll [2011-01-25 21:39:06 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymelob.exe [2011-01-25 21:38:16 | 000,199,168 | ---- | M] (Avira GmbH) -- C:\WINDOWS\Ymeloa.exe [2011-01-25 21:29:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-25 21:13:11 | 000,361,464 | ---- | M] () -- C:\Documents and Settings\USER\Pulpit\zagospodarowanie.dwg [2011-01-20 20:00:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== LOP Check ==========[/color] [2011-01-25 21:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-06-02 19:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-04-13 18:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverScanner [2009-08-07 18:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-03-26 15:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-13 23:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-01-10 00:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2009-04-13 18:47:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{66E2F539-12B6-4870-A500-7689CDE75C5E} [2010-12-10 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Autodesk [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools [2009-06-02 18:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Lite [2009-06-02 19:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\DAEMON Tools Pro [2010-10-01 14:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\FOG Downloader [2009-03-25 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu [2009-12-14 11:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Gadu-Gadu 10 [2009-10-30 12:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\InterTrust [2010-05-03 10:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\ipla [2009-03-26 15:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Leadertech [2010-01-10 00:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nokia [2009-04-29 16:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Nowe Gadu-Gadu [2010-01-06 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Opera [2010-01-10 00:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\PC Suite [2009-04-13 18:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Uniblue [2011-01-09 15:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\uTorrent [2009-09-01 11:49:10 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1243766894.job [2011-01-26 16:00:03 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\Snfeb.job [2011-01-26 19:41:17 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-01-26 19:39:21 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-01-26 19:24:15 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >

**Posty:** 18165 · przez **wojtas** 30 Sty 2011, 00:26

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
SRV - [2011-01-06 10:50:45 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKCU..\Run: [CE8SIIFGSU] C:\Documents and Settings\USER\Ustawienia lokalne\Temp\Yth.exe (Avira GmbH)
O4 - Startup: C:\Documents and Settings\USER\Menu Start\Programy\Autostart\Rejestracja produktu Logitech.lnk = File not found
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:B758B28ADAE55430

:Files
c:\Program Files\Common Files\Akamai
C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\extensions\DTToolbar@toolbarnet.com
C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\dioorvzf.default\searchplugins\daemon-search.xml
C:\Program Files\DAEMON Tools Toolbar
C:\WINDOWS\Ymelob.exe
C:\WINDOWS\Ymeloa.exe
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\tasks\Snfeb.job
C:\WINDOWS\System32\imagehlpj.dll
C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1243766894.job

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1037:TCP"=-
"5000:UDP"=-

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).