Samoistny shutdown systemu :( i potem res z trybami

[macius]

Witam, nie jestem w stanie sam sobie poradzić z problemem samoistnego wyłączania się komputera...
Do tego dochodzi fakt ze jak sys sie podnosi to wchodzi w wybór trybów awaryjny itd a wylanczac sie moze w nieskonczonosc sprawdzalem
Co ciekawe jak wyjezdzam z domu problem jakby znika albo przynajmniej wydaje się być w mniejszym natężeniu. Dodatkowo niezwykle wolno chodzi VISTA ale mimo to Proszę zatem jeszcze raz o pomoc.

Kod: Zaznacz wszystko

OTL logfile created on: 2009-11-06 12:05:44 - Run 1
OTL by OldTimer - Version 3.1.3.4     Folder = C:\Users\lolek\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1013,38 Mb Total Physical Memory | 164,42 Mb Available Physical Memory | 16,23% Memory free
2,24 Gb Paging File | 1,16 Gb Available in Paging File | 51,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,15 Gb Total Space | 17,43 Gb Free Space | 34,08% Space Free | Partition Type: NTFS
Drive D: | 50,88 Gb Total Space | 12,88 Gb Free Space | 25,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LOLKINUS
Current User Name: lolek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-06 12:03:38 | 00,527,872 | ---- | M] (OldTimer Tools) -- C:\Users\lolek\Desktop\OTL.exe
PRC - [2009-08-31 17:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-08-31 15:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-08-27 06:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-08-27 06:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-07-18 04:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009-05-14 14:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-05-14 14:47:08 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-03-03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2008-10-29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-16 16:26:20 | 00,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008-10-16 15:54:34 | 00,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008-02-11 19:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008-02-11 19:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008-02-11 19:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008-02-11 19:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008-01-19 08:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-19 08:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-19 08:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008-01-19 08:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008-01-19 08:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-19 08:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2007-04-24 18:17:34 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007-02-09 09:40:00 | 00,013,312 | ---- | M] (HiTRUST co.) -- C:\Acer\Empowering Technology\eDSMSNfix.exe
PRC - [2007-02-06 23:04:26 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007-02-06 23:04:16 | 00,464,168 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007-01-31 17:18:42 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007-01-02 08:33:24 | 00,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006-12-28 19:07:22 | 00,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2006-12-22 13:43:18 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006-12-14 16:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006-11-24 11:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006-10-23 04:00:36 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006-08-05 01:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2006-07-19 19:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2003-08-06 20:24:20 | 12,037,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-06 12:03:38 | 00,527,872 | ---- | M] (OldTimer Tools) -- C:\Users\lolek\Desktop\OTL.exe
MOD - [2008-01-19 08:26:34 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2006-12-28 19:07:22 | 00,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found --  -- (CLTNetCnService)
SRV - [2009-05-14 14:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-05-14 14:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008-10-16 16:26:20 | 00,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008-10-16 15:54:34 | 00,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008-07-27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-06-20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-06-20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-06-20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-01-19 08:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-19 08:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008-01-19 08:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2007-04-24 18:17:34 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007-03-13 01:23:18 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007-03-13 01:23:18 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007-02-06 23:04:26 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007-01-31 17:18:42 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007-01-02 08:33:24 | 00,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006-12-28 19:07:22 | 00,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2006-12-22 13:43:18 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006-12-14 16:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006-11-24 11:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006-11-08 15:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2006-11-08 15:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2006-11-02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006-11-02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006-08-05 01:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2006-07-19 19:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-05-14 14:49:34 | 00,093,312 | ---- | M] (ESET) -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009-05-14 14:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-05-14 14:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009-03-27 01:16:28 | 00,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2008-11-17 06:40:22 | 03,668,480 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008-02-11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008-02-11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007-07-24 08:53:44 | 00,682,232 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-05-02 10:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 10:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 10:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2007-04-24 05:32:58 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007-03-01 09:21:10 | 01,744,928 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2007-02-24 23:14:00 | 02,216,448 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007-02-06 23:04:54 | 00,016,680 | ---- | M] (HiTRUST) -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007-02-06 23:04:50 | 00,060,712 | ---- | M] (HiTRUST) -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007-02-06 23:04:48 | 00,020,264 | ---- | M] (HiTRUST) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2006-12-27 02:57:12 | 00,817,968 | ---- | M] (Bison Electronics. Inc. ) -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2006-12-19 05:18:28 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2006-12-19 05:18:28 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006-12-07 17:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006-11-09 00:55:10 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006-11-09 00:53:58 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006-11-09 00:53:48 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006-11-03 05:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006-11-03 05:27:36 | 00,020,112 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid)
DRV - [2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2006-11-02 08:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006-10-25 07:36:48 | 00,042,240 | ---- | M] (ENE Technology Inc.) -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006-10-25 07:36:44 | 00,076,928 | ---- | M] (ENE Technology Inc.) -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006-10-25 07:36:36 | 00,062,208 | ---- | M] (ENE Technology Inc.) -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006-10-23 04:17:32 | 00,179,896 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-09-18 14:59:08 | 00,090,800 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\se27unic.sys -- (se27unic)
DRV - [2006-09-18 14:59:02 | 00,086,560 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006-09-18 14:59:00 | 00,018,704 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\se27nd5.sys -- (se27nd5)
DRV - [2006-09-18 14:58:58 | 00,088,688 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\SE27mgmt.sys -- (SE27mgmt)
DRV - [2006-09-18 14:58:54 | 00,097,184 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006-09-18 14:58:52 | 00,009,360 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006-09-18 14:58:48 | 00,061,600 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\SE27bus.sys -- (SE27bus)
DRV - [2006-08-05 01:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006-07-24 15:05:00 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-06-19 22:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006-05-16 21:23:54 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.miastomuzyki.pl/radio,31,depechemode [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.poczta.interia.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-24 09:39:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-07-20 15:38:04 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\lolek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe (HiTRUST co.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mks.com.pl ([]http in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\AutoRun\command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\explore\Command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\open\Command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{4af84078-6342-11de-aa60-0016d4d57704}\Shell\AutoRun - "" = Autorun
O33 - MountPoints2\{5643c356-39bb-11dc-81ca-0016d4d57704}\Shell - "" = AutoRun
O33 - MountPoints2\{5643c356-39bb-11dc-81ca-0016d4d57704}\Shell\AutoRun\command - "" = F:\StartBTB.exe -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\AutoRun\command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\explore\Command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\open\Command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{c979db1e-04b4-11de-9e65-0016d4d57704}\Shell\AutoRun\command - "" = G:\a2h2.com -- File not found
O33 - MountPoints2\{c979db1e-04b4-11de-9e65-0016d4d57704}\Shell\open\Command - "" = G:\a2h2.com -- File not found
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\AutoRun\command - "" = abk.bat
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\explore\Command - "" = abk.bat
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\open\Command - "" = abk.bat
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\AutoRun\command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\explore\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\open\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d6d0e7e5-06b5-11dd-aa81-0016d4d57704}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{ea513c5f-30b7-11dc-aa7d-0016d4d57704}\Shell\AutoRun\command - "" = G:\s.exe -- File not found
O33 - MountPoints2\{ea513c5f-30b7-11dc-aa7d-0016d4d57704}\Shell\open\Command - "" = G:\s.exe -- File not found
O33 - MountPoints2\{ea513c65-30b7-11dc-aa7d-0016d4d57704}\Shell\AutoRun\command - "" = J:\s.exe -- File not found
O33 - MountPoints2\{ea513c65-30b7-11dc-aa7d-0016d4d57704}\Shell\open\Command - "" = J:\s.exe -- File not found
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-06 12:02:53 | 00,527,872 | ---- | C] (OldTimer Tools) -- C:\Users\lolek\Desktop\OTL.exe
[2009-11-05 19:59:04 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-11-04 14:12:12 | 00,012,672 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\cpuz132_x32.sys
[2009-11-04 14:12:10 | 00,000,000 | ---D | C] -- C:\Program Files\CPUID
[2009-11-03 08:20:42 | 05,939,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-11-03 08:20:40 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-10-29 08:54:56 | 10,626,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009-10-29 08:54:53 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009-10-29 08:54:45 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009-10-26 18:04:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Recisio
[2009-10-26 18:04:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Recisio
[2009-10-26 18:04:28 | 00,000,000 | ---D | C] -- C:\Program Files\KaraFun
[2009-10-25 09:27:44 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009-10-25 09:27:43 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009-10-25 09:27:38 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009-10-25 09:27:37 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009-10-25 09:27:36 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009-10-25 09:27:11 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009-10-25 09:27:07 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009-10-17 08:27:25 | 00,000,000 | ---D | C] -- C:\Users\lolek\Desktop\ostatnie wesele
[2009-10-15 21:41:51 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009-10-15 21:41:49 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009-10-15 21:41:49 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009-10-15 21:41:48 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009-10-15 21:41:47 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009-10-15 21:41:47 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009-10-15 21:41:47 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009-10-15 21:41:46 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009-10-15 21:41:46 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009-10-15 21:41:45 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009-10-15 21:41:45 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009-10-15 21:41:45 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009-10-15 21:41:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009-10-15 21:41:45 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009-10-15 21:41:44 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009-10-15 21:41:44 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009-10-15 21:41:44 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009-10-15 21:41:44 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009-10-15 21:37:14 | 03,597,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009-10-15 21:37:13 | 03,546,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009-10-15 21:31:07 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009-10-15 21:13:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
[2009-10-15 21:13:20 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009-10-15 21:12:46 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2007-04-24 05:38:32 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-06 12:05:47 | 03,670,016 | -HS- | M] () -- C:\Users\lolek\ntuser.dat
[2009-11-06 12:04:53 | 00,781,909 | ---- | M] () -- C:\Users\lolek\Desktop\RSIT.exe
[2009-11-06 12:03:38 | 00,527,872 | ---- | M] (OldTimer Tools) -- C:\Users\lolek\Desktop\OTL.exe
[2009-11-06 11:56:29 | 00,025,600 | ---- | M] () -- C:\Users\lolek\Desktop\Nowy Dokument programu Microsoft Word.doc
[2009-11-06 11:56:18 | 00,000,162 | -H-- | M] () -- C:\Users\lolek\Desktop\~$wy Dokument programu Microsoft Word.doc
[2009-11-06 11:45:14 | 00,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009-11-06 11:45:13 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009-11-06 11:45:13 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009-11-06 11:45:08 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009-11-06 11:45:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009-11-06 11:44:59 | 10,633,78944 | -HS- | M] () -- C:\hiberfil.sys
[2009-11-06 11:25:09 | 00,018,341 | ---- | M] () -- C:\Users\lolek\Desktop\VA_-_X-Mix_Dance_Series_125_ 2009 _[mp3 202][Torrenty.org].torrent
[2009-11-06 11:23:39 | 00,018,451 | ---- | M] () -- C:\Users\lolek\Desktop\Dziubek_ De_Press _-_Total_Blaga_ 2003 _[mp3 320][Torrenty.org].torrent
[2009-11-05 19:59:05 | 00,001,674 | ---- | M] () -- C:\Users\lolek\Desktop\CCleaner.lnk
[2009-11-05 08:15:43 | 07,766,531 | ---- | M] () -- C:\Users\lolek\Desktop\plakat eldo (2).jpg
[2009-11-04 14:12:13 | 00,000,861 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2009-11-04 08:24:46 | 00,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2009-11-04 08:24:46 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009-11-04 08:24:46 | 00,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2009-11-04 08:24:45 | 01,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009-11-04 08:24:45 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009-11-03 21:24:46 | 00,132,910 | ---- | M] () -- C:\Users\lolek\Desktop\weekend.jpg
[2009-11-03 21:13:55 | 00,087,244 | ---- | M] () -- C:\Users\lolek\Desktop\d99bc5de98.jpg
[2009-11-02 22:15:07 | 00,524,288 | -HS- | M] () -- C:\Users\lolek\ntuser.dat{24c719f4-13bd-11de-8f33-0016d4d57704}.TMContainer00000000000000000001.regtrans-ms
[2009-11-02 22:15:07 | 00,065,536 | -HS- | M] () -- C:\Users\lolek\ntuser.dat{24c719f4-13bd-11de-8f33-0016d4d57704}.TM.blf
[2009-11-02 21:29:19 | 00,164,352 | ---- | M] () -- C:\Users\lolek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-31 02:23:09 | 03,873,933 | -H-- | M] () -- C:\Users\lolek\AppData\Local\IconCache.db
[2009-10-27 07:52:43 | 00,343,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-10-26 18:07:55 | 00,001,620 | ---- | M] () -- C:\Users\lolek\Desktop\Edytor KaraFun.lnk
[2009-10-26 18:07:55 | 00,000,742 | ---- | M] () -- C:\Users\lolek\Desktop\KaraFun.lnk
[2009-10-26 00:14:00 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009-10-21 11:40:08 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-10-21 09:19:16 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-10-11 19:53:02 | 00,074,752 | ---- | M] () -- C:\Users\lolek\Desktop\ARTYSCI INFO.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-06 12:04:38 | 00,781,909 | ---- | C] () -- C:\Users\lolek\Desktop\RSIT.exe
[2009-11-06 11:56:18 | 00,000,162 | -H-- | C] () -- C:\Users\lolek\Desktop\~$wy Dokument programu Microsoft Word.doc
[2009-11-06 11:55:56 | 00,025,600 | ---- | C] () -- C:\Users\lolek\Desktop\Nowy Dokument programu Microsoft Word.doc
[2009-11-06 11:25:09 | 00,018,341 | ---- | C] () -- C:\Users\lolek\Desktop\VA_-_X-Mix_Dance_Series_125_ 2009 _[mp3 202][Torrenty.org].torrent
[2009-11-06 11:23:39 | 00,018,451 | ---- | C] () -- C:\Users\lolek\Desktop\Dziubek_ De_Press _-_Total_Blaga_ 2003 _[mp3 320][Torrenty.org].torrent
[2009-11-05 19:59:05 | 00,001,674 | ---- | C] () -- C:\Users\lolek\Desktop\CCleaner.lnk
[2009-11-05 08:15:41 | 07,766,531 | ---- | C] () -- C:\Users\lolek\Desktop\plakat eldo (2).jpg
[2009-11-04 14:12:13 | 00,000,861 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2009-11-03 21:26:15 | 00,087,244 | ---- | C] () -- C:\Users\lolek\Desktop\d99bc5de98.jpg
[2009-11-03 21:09:08 | 00,132,910 | ---- | C] () -- C:\Users\lolek\Desktop\weekend.jpg
[2009-10-26 18:04:34 | 00,001,620 | ---- | C] () -- C:\Users\lolek\Desktop\Edytor KaraFun.lnk
[2009-10-26 18:04:34 | 00,000,742 | ---- | C] () -- C:\Users\lolek\Desktop\KaraFun.lnk
[2009-10-11 19:52:56 | 00,074,752 | ---- | C] () -- C:\Users\lolek\Desktop\ARTYSCI INFO.doc
[2008-05-06 16:57:39 | 00,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008-05-06 16:47:51 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008-02-22 19:27:20 | 00,000,680 | ---- | C] () -- C:\Users\lolek\AppData\Local\d3d9caps.dat
[2008-02-11 18:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007-08-08 14:39:33 | 00,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2007-07-24 08:53:42 | 00,682,232 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007-06-25 15:56:50 | 00,002,652 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007-06-19 10:15:27 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007-06-19 10:15:27 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007-06-19 10:15:25 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007-06-19 10:15:23 | 00,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007-06-19 10:15:23 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007-06-19 06:14:02 | 00,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007-06-19 06:14:00 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007-06-19 00:06:31 | 00,164,352 | ---- | C] () -- C:\Users\lolek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-06-18 21:36:02 | 03,873,933 | -H-- | C] () -- C:\Users\lolek\AppData\Local\IconCache.db
[2007-06-18 21:30:32 | 00,084,344 | ---- | C] () -- C:\Users\lolek\AppData\Local\GDIPFONTCACHEV1.DAT
[2007-06-18 21:29:02 | 00,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007-04-24 16:15:57 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007-04-24 13:32:07 | 00,000,115 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007-04-24 13:32:02 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2007-04-24 13:31:59 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007-04-24 13:31:10 | 00,015,190 | ---- | C] () -- C:\Windows\M2000T07.ini
[2007-04-24 05:49:12 | 00,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007-04-24 05:49:12 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007-04-24 05:48:18 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007-04-24 05:38:32 | 00,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007-04-24 05:18:43 | 00,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2007-04-24 05:10:16 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007-02-06 22:58:10 | 00,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007-02-06 22:57:58 | 00,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007-02-06 22:57:20 | 00,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007-02-06 22:56:30 | 00,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007-02-06 22:56:28 | 00,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007-02-06 22:52:08 | 00,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006-12-25 14:44:48 | 00,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006-11-02 13:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006-11-02 13:37:35 | 00,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006-11-02 13:37:35 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006-11-02 13:37:35 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006-11-02 13:37:35 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006-11-02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 11:23:31 | 00,000,203 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001-12-26 14:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-03 21:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 14:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 20:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\lolek\Desktop\VID00130.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\lolek\Desktop\VID00128.AVI:TOC.WMV
< End of report >


[tomj]

kiedyś też miałem takie numery ,myślałem że to virus ,okazało się że robił to program, po odinstalowaniu wszystko było ok

[NieWiem]

• Pobierz program Malwarebytes' Anti-Malware i zainstaluj.
• Wersja freeware nie ma opcji automatycznych aktualizacji, dlatego pod koniec instalacji upewnij się, że zaznaczone są opcje:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Wciśnij Finish.
• Przeprowadź pełne skanowanie komputera.
• Raport z tego skanowania proszę wkleić na forum w tagach [code], lub na stronie http://www.wklej.org a w odpowiedzi podać tylko linka do tej strony.

[macius]

jeszcze kod RSIT

Kod: Zaznacz wszystko

Logfile of random's system information tool 1.06 (written by random/random)
Run by lolek at 2009-11-06 12:30:09
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 19 GB (35%) free of 52 GB
Total RAM: 1013 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:50, on 2009-11-06
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\lolek\Desktop\RSIT.exe
C:\Program Files\trend micro\lolek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poczta.interia.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\lolek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mks.com.pl
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{8877928C-AFD0-4A5E-9D78-E8949AF4DE50}: NameServer = 213.172.186.4,213.172.186.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6608 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-16 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-02-06 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\lolek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-14 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
{37B85A29-692B-4205-9CAD-2626E4993404}
{D4027C7F-154A-4066-A1AD-4243D8127440}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168]
"eDSMSNfix"=C:\Acer\Empowering Technology\eDSMSNfix.exe [2007-02-09 13312]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}]
shell\AutoRun\command - G:\abk.bat
shell\explore\command - G:\abk.bat
shell\open\command - G:\abk.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e76fbac-3203-11dc-8001-0019d23325bd}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL pAŁAC.exE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4af84078-6342-11de-aa60-0016d4d57704}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\m.exe /s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5643c356-39bb-11dc-81ca-0016d4d57704}]
shell\AutoRun\command - F:\StartBTB.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6196556d-d2be-11dd-880d-0016d4d57704}]
shell\AutoRun\command - J:\iqe68o.bat
shell\explore\command - J:\iqe68o.bat
shell\open\command - J:\iqe68o.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d83bc1d-d716-11dc-8c5a-0016d4d57704}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c979db1e-04b4-11de-9e65-0016d4d57704}]
shell\AutoRun\command - G:\a2h2.com
shell\open\command - G:\a2h2.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}]
shell\AutoRun\command - abk.bat
shell\explore\command - abk.bat
shell\open\command - abk.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}]
shell\AutoRun\command - I:\d.com
shell\explore\command - I:\d.com
shell\open\command - I:\d.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6d0e7e5-06b5-11dd-aa81-0016d4d57704}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
shell\Open(&0)\command - I:\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea513c5f-30b7-11dc-aa7d-0016d4d57704}]
shell\AutoRun\command - G:\s.exe
shell\open\command - G:\s.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea513c65-30b7-11dc-aa7d-0016d4d57704}]
shell\AutoRun\command - J:\s.exe
shell\open\command - J:\s.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2009-11-06 12:19:07 ----D---- C:\Program Files\trend micro
2009-11-06 12:19:01 ----D---- C:\rsit
2009-11-05 19:59:04 ----D---- C:\Program Files\CCleaner
2009-11-04 14:12:10 ----D---- C:\Program Files\CPUID
2009-11-03 08:20:42 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 08:54:56 ----A---- C:\Windows\system32\wmp.dll
2009-10-29 08:54:53 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-29 08:54:45 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-26 18:04:28 ----D---- C:\ProgramData\Recisio
2009-10-26 18:04:28 ----D---- C:\Program Files\KaraFun
2009-10-25 09:27:44 ----A---- C:\Windows\system32\EncDec.dll
2009-10-25 09:27:38 ----A---- C:\Windows\system32\psisdecd.dll
2009-10-25 09:27:11 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-10-25 09:27:07 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-10-15 21:41:51 ----A---- C:\Windows\system32\ieframe.dll
2009-10-15 21:41:49 ----A---- C:\Windows\system32\urlmon.dll
2009-10-15 21:41:49 ----A---- C:\Windows\system32\iertutil.dll
2009-10-15 21:41:48 ----A---- C:\Windows\system32\wininet.dll
2009-10-15 21:41:47 ----A---- C:\Windows\system32\occache.dll
2009-10-15 21:41:47 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-15 21:41:47 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-15 21:41:46 ----A---- C:\Windows\system32\ieui.dll
2009-10-15 21:41:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-15 21:41:45 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-15 21:41:45 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-15 21:41:45 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-15 21:41:45 ----A---- C:\Windows\system32\iepeers.dll
2009-10-15 21:41:44 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-15 21:41:44 ----A---- C:\Windows\system32\iesetup.dll
2009-10-15 21:41:44 ----A---- C:\Windows\system32\iernonce.dll
2009-10-15 21:41:44 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-15 21:37:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-15 21:37:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-15 21:31:07 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-15 21:13:26 ----A---- C:\Windows\system32\msasn1.dll
2009-10-15 21:12:46 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-03 02:57:52 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-09 09:21:47 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 09:21:47 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 09:21:46 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 09:21:45 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 09:21:19 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 09:21:09 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 09:21:07 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 09:21:07 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 09:21:07 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 09:21:07 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 09:21:07 ----A---- C:\Windows\system32\finger.exe
2009-09-09 09:21:07 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 09:21:06 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 09:21:05 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 09:20:36 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 09:20:35 ----A---- C:\Windows\system32\mf.dll
2009-08-28 02:01:04 ----A---- C:\Windows\system32\tzres.dll
2009-08-18 07:34:42 ----A---- C:\Windows\system32\kerberos.dll
2009-08-18 07:34:40 ----A---- C:\Windows\system32\wdigest.dll
2009-08-18 07:34:40 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-18 07:34:39 ----A---- C:\Windows\system32\schannel.dll
2009-08-18 07:34:36 ----A---- C:\Windows\system32\lsass.exe
2009-08-18 07:34:35 ----A---- C:\Windows\system32\secur32.dll
2009-08-14 00:31:12 ----A---- C:\Windows\system32\atl.dll
2009-08-14 00:31:04 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-14 00:30:55 ----A---- C:\Windows\system32\mstscax.dll
2009-08-14 00:30:49 ----A---- C:\Windows\system32\avifil32.dll
2009-08-14 00:30:17 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-14 00:30:14 ----A---- C:\Windows\system32\spwmp.dll
2009-08-14 00:30:12 ----A---- C:\Windows\system32\dxmasf.dll

======List of files/folders modified in the last 3 months======

2009-11-06 12:30:11 ----D---- C:\Windows\Temp
2009-11-06 12:27:12 ----D---- C:\Windows\Prefetch
2009-11-06 12:19:07 ----RD---- C:\Program Files
2009-11-06 11:56:51 ----D---- C:\Windows\tracing
2009-11-06 11:49:42 ----D---- C:\Users\lolek\AppData\Roaming\Nowe Gadu-Gadu
2009-11-06 01:50:49 ----SHD---- C:\System Volume Information
2009-11-05 23:17:20 ----D---- C:\Windows\Debug
2009-11-05 23:17:19 ----D---- C:\Windows
2009-11-05 19:50:29 ----D---- C:\Users\lolek\AppData\Roaming\uTorrent
2009-11-05 18:19:09 ----D---- C:\Windows\system32\catroot2
2009-11-05 18:17:52 ----D---- C:\Windows\winsxs
2009-11-05 18:17:51 ----D---- C:\Windows\System32
2009-11-04 14:12:12 ----D---- C:\Windows\system32\drivers
2009-11-04 14:12:08 ----SHD---- C:\Windows\Installer
2009-11-04 14:12:03 ----D---- C:\Windows\system32\Tasks
2009-11-04 08:24:45 ----D---- C:\Windows\inf
2009-11-04 08:24:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-03 08:01:08 ----D---- C:\Windows\system32\catroot
2009-10-30 07:44:22 ----D---- C:\Windows\rescache
2009-10-30 06:56:22 ----D---- C:\Program Files\Internet Explorer
2009-10-30 06:56:21 ----D---- C:\Windows\system32\pl-PL
2009-10-30 06:56:21 ----D---- C:\Program Files\Windows Media Player
2009-10-26 22:44:48 ----D---- C:\Windows\Microsoft.NET
2009-10-26 22:44:23 ----D---- C:\Program Files\Windows Mail
2009-10-26 22:43:55 ----D---- C:\Windows\ehome
2009-10-26 22:42:24 ----D---- C:\Windows\AppPatch
2009-10-26 18:04:28 ----HD---- C:\ProgramData
2009-10-22 22:29:21 ----D---- C:\Windows\system32\config
2009-10-22 22:28:50 ----D---- C:\Windows\Tasks
2009-10-22 22:28:50 ----D---- C:\Windows\system32\spool
2009-10-22 22:28:48 ----D---- C:\Users\lolek\AppData\Roaming\GHISLER
2009-10-22 22:28:46 ----D---- C:\Windows\system32\wbem
2009-10-22 22:28:45 ----D---- C:\Windows\registration
2009-10-16 07:45:15 ----RSD---- C:\Windows\assembly
2009-10-16 07:11:36 ----D---- C:\Windows\system32\migration
2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe
2009-09-13 19:29:57 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-13 19:28:25 ----D---- C:\Program Files\Nowe Gadu-Gadu
2009-09-12 03:23:36 ----D---- C:\Windows\system32\Msdtc
2009-08-14 07:52:01 ----D---- C:\ProgramData\Lavasoft
2009-08-14 07:51:24 ----DC---- C:\Windows\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-03 20112]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 bcm4sbxp;Sterownik XP zintegrowanego kontrolera Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 Cam5607;Acer OrbiCam; C:\Windows\System32\Drivers\BisonC07.sys [2006-12-27 817968]
R3 CmBatt;Sterownik baterii Microsoft o metodzie kontroli ACPI; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-04-24 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 axvy43ww;axvy43ww; C:\Windows\system32\drivers\axvy43ww.sys []
S3 BCM43XV;Sterownik karty sieciowej Broadcom Extensible 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-24 2216448]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\Windows\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\Windows\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\Windows\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-24 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


[NieWiem]

• Uruchom ponownie program OTL
• W okienku na dole Custom Scans / Fixes wklej to, co poniżej w ramce:
  

  Kod: Zaznacz wszystko

  :Processes
explorer.exe
:OTL
SRV - File not found --  -- (CLTNetCnService)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\AutoRun\command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\explore\Command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{1e4c286c-4e6b-11de-920a-0016d4d57704}\Shell\open\Command - "" = G:\abk.bat -- File not found
O33 - MountPoints2\{4af84078-6342-11de-aa60-0016d4d57704}\Shell\AutoRun - "" = Autorun
O33 - MountPoints2\{5643c356-39bb-11dc-81ca-0016d4d57704}\Shell - "" = AutoRun
O33 - MountPoints2\{5643c356-39bb-11dc-81ca-0016d4d57704}\Shell\AutoRun\command - "" = F:\StartBTB.exe -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\AutoRun\command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\explore\Command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{6196556d-d2be-11dd-880d-0016d4d57704}\Shell\open\Command - "" = J:\iqe68o.bat -- File not found
O33 - MountPoints2\{c979db1e-04b4-11de-9e65-0016d4d57704}\Shell\AutoRun\command - "" = G:\a2h2.com -- File not found
O33 - MountPoints2\{c979db1e-04b4-11de-9e65-0016d4d57704}\Shell\open\Command - "" = G:\a2h2.com -- File not found
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\AutoRun\command - "" = abk.bat
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\explore\Command - "" = abk.bat
O33 - MountPoints2\{ce9469de-d75a-11dd-a5ef-0016d4d57704}\Shell\open\Command - "" = abk.bat
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\AutoRun\command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\explore\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d141a87b-b255-11dd-8f37-0016d4d57704}\Shell\open\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{d6d0e7e5-06b5-11dd-aa81-0016d4d57704}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{ea513c5f-30b7-11dc-aa7d-0016d4d57704}\Shell\AutoRun\command - "" = G:\s.exe -- File not found
O33 - MountPoints2\{ea513c5f-30b7-11dc-aa7d-0016d4d57704}\Shell\open\Command - "" = G:\s.exe -- File not found
O33 - MountPoints2\{ea513c65-30b7-11dc-aa7d-0016d4d57704}\Shell\AutoRun\command - "" = J:\s.exe -- File not found
O33 - MountPoints2\{ea513c65-30b7-11dc-aa7d-0016d4d57704}\Shell\open\Command - "" = J:\s.exe -- File not found
:Services
CLTNetCnService
:Files
C:\s.exe
C:\d.com
C:\abk.bat
C:\a2h2.com
C:\iqe68o.bat
D:\s.exe
D:\d.com
D:\abk.bat
D:\a2h2.com
D:\iqe68o.bat
:Commands
[purity]
[emptytemp]
[clearrestorepoint]
[start explorer]
[reboot]

• Upewnij się, że wszystkie inne okna, programy, komunikatory są wyłączone.
• Kliknij przycisk Run Fix i poczekaj cierpliwie. To może chwilę potrwać!
• Na prośbę komputera o restart zgódź się.
• Po restarcie program automatycznie wyświetli raport z czyszczenia, który należy zapisać i wkleić w poście w tagach [code], lub na stronie http://www.wklej.org
• Wykonaj także nowego loga OTL.txt z OTL z opcji Run Scan i także go dołącz. Plik extras.txt nie będzie potrzebny.

I chcę zobaczyć raport z MBAM!