Wolno działa internet

**Posty:** 2 · przez **jarogt** 18 Paź 2009, 21:07

Witam

Potrzebuję pomocy. Internet mi się muli na całego mam łącze 6Mb/s a jak sprawdzam łącze np. na http://www.numion.com to jest ok 180kb/s
Pomóżcie mi przeanalizować logi z HijackThis, może mam jakiś syf na kompie.

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:54:19, on 2009-10-18 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Program Files (x86)\Dexpot\dexpot.exe C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe C:\Program Files (x86)\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Jarek\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Jarek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files (x86)\steganos internet anonym pro 7\siapro7iep.dll O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe" O4 - HKCU\..\Run: [EPSON Stylus Photo RX585 Series] "C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLE.EXE" /FU "C:\Users\Jarek\AppData\Local\Temp\E_SD2DA.tmp" /EF "HKCU" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [FlashGet] "C:\Program Files (x86)\FlashGet Network\FlashGet universal\flashget.exe" /min O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [SIAPRO7] "C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe" -firstboot (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [SIAPRO7] "C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe" -firstboot (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\RunOnce: [SIAPRO7] "C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SIAPRO7] "C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe" -firstboot (User 'Default user') O4 - Startup: E-mail — skrót.lnk = ? O4 - Global Startup: HD Writer AE 1.0.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = ? O4 - Global Startup: NCProTray.lnk = ? O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/pl-pl/wlscctrl2.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Common Files\BricsCad\BrxProtIE.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10133 bytes

po wydaniu w konsolce polecenia netstat pokazuje się coś takiego:

Kod: Zaznacz wszystko: C:\Windows\system32>netstat -b Aktywne połączenia Protokół Adres lokalny Obcy adres Stan TCP 192.168.1.11:49586 fx-in-f104:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49587 fx-in-f105:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49588 a213-135-50-71:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49592 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:49596 bw-in-f113:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49597 fx-in-f104:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49599 bw-in-f102:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49601 bw-in-f102:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49602 209.85.129.113:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49609 bw-in-f101:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49615 bw-in-f139:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49616 node20:http CZAS_OCZEKIWANIA TCP 192.168.1.11:49731 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:50212 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:51789 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:52122 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:52776 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:53237 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:53858 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:54217 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:54946 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:55239 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:55816 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:57231 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:58347 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:59211 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:59534 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:59605 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:59957 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:61491 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:62029 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:62080 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:62441 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:62890 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:63678 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:63853 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:63873 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:65058 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:65152 gate:41382 OCZEKIWANIE_FIN__1 [System] TCP 192.168.1.11:65518 gate:41382 OCZEKIWANIE_FIN__1 [System] C:\Windows\system32>

Będę wdzięczny za pomoc :wink:

**Posty:** 18165 · przez **wojtas** 19 Paź 2009, 11:50

Daj loga z OTL

**Posty:** 2 · przez **jarogt** 19 Paź 2009, 19:08

oto log z OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2009-10-19 19:01:49 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Jarek\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18828) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 59,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 55,28 Gb Free Space | 56,61% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 39,86 Gb Free Space | 68,02% Space Free | Partition Type: NTFS Drive E: | 76,63 Gb Total Space | 66,78 Gb Free Space | 87,15% Space Free | Partition Type: NTFS Drive F: | 576,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 97,66 Gb Total Space | 6,76 Gb Free Space | 6,92% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JAREK-PC Current User Name: Jarek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-19 18:57:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe PRC - [2009-08-31 18:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe PRC - [2009-08-31 16:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files (x86)\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-08-24 22:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2009-08-22 08:32:54 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009-07-25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe PRC - [2009-07-20 04:00:00 | 00,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009-04-30 12:23:26 | 00,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2009-03-08 13:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe PRC - [2009-03-06 23:54:06 | 24,095,528 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe PRC - [2009-02-17 17:32:02 | 00,049,263 | ---- | M] (Samsung) -- C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe PRC - [2009-02-17 13:03:52 | 00,193,880 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe PRC - [2009-02-02 14:51:28 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe PRC - [2009-01-26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008-08-19 09:47:38 | 01,795,656 | ---- | M] (FLASHGET) -- C:\Program Files (x86)\FlashGet Network\FlashGet universal\flashget.exe PRC - [2008-01-28 12:55:10 | 01,413,120 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2008-01-28 10:42:10 | 01,352,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe PRC - [2008-01-24 18:53:16 | 00,613,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe PRC - [2008-01-09 10:17:18 | 00,627,200 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe PRC - [2007-06-15 12:57:42 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe PRC - [2007-06-06 08:35:18 | 01,261,568 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-20 12:36:14 | 00,160,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped]) SRV:[b]64bit:[/b] - [2008-01-19 01:06:52 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped]) SRV:[b]64bit:[/b] - [2008-01-19 01:00:48 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running]) SRV:[b]64bit:[/b] - [2007-06-07 01:41:54 | 00,089,088 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters [Auto | Running]) SRV - [2009-08-22 08:32:54 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe -- (Norton AntiVirus [Auto | Running]) SRV - [2009-04-30 12:23:26 | 00,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service [Auto | Running]) SRV - [2009-04-11 08:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped]) SRV - [2009-03-30 06:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009-03-30 06:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) SRV - [2009-02-18 20:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-02-18 20:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-01-26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running]) SRV - [2008-01-19 01:00:16 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped]) SRV - [2008-01-19 01:00:16 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped]) SRV - [2007-08-23 18:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped]) SRV - [2007-06-29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [Disabled | Stopped]) SRV - [2007-06-27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [Disabled | Stopped]) SRV - [2007-06-15 12:57:42 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen [Auto | Running]) SRV - [2006-11-02 17:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped]) SRV - [2006-11-02 15:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped]) SRV - [2006-11-02 11:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running]) SRV - [2006-11-02 08:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped]) SRV - [2006-11-02 08:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2009-09-11 18:40:46 | 00,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-09-11 18:40:30 | 00,583,296 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\ccHPx64.sys -- (ccHP [System | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,476,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\SRTSP64.SYS -- (SRTSP [System | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,402,992 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1007020.00B\SYMEFA64.SYS -- (SymEFA [Boot | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,334,384 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\BHDrvx64.sys -- (BHDrvx64 [System | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,278,576 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\SYMTDI.SYS -- (SYMTDI [System | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,120,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\SYMFW.SYS -- (SYMFW [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,056,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\NAVx64\1007020.00B\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1007020.00B\SRTSPX64.SYS -- (SRTSPX [System | Running]) DRV:[b]64bit:[/b] - [2009-08-22 08:32:55 | 00,031,280 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM [System | Running]) DRV:[b]64bit:[/b] - [2009-06-17 18:54:30 | 00,057,872 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-06-17 18:54:22 | 00,055,312 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-06-17 18:53:34 | 00,030,736 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running]) DRV:[b]64bit:[/b] - [2009-04-25 19:11:49 | 00,871,408 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV:[b]64bit:[/b] - [2009-02-02 15:47:42 | 00,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\DRIVERS\akshasp.sys -- (akshasp [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2009-02-02 15:34:10 | 00,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock [Auto | Running]) DRV:[b]64bit:[/b] - [2009-01-28 15:02:54 | 00,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\DRIVERS\aksusb.sys -- (aksusb [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-06-27 07:51:10 | 00,088,632 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs [Auto | Running]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 00,158,760 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016mdm.sys -- (s0016mdm [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 00,151,592 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016unic.sys -- (s0016unic [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 00,137,256 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016mgmt.sys -- (s0016mgmt [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 00,136,744 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016obex.sys -- (s0016obex [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 00,034,344 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016nd5.sys -- (s0016nd5 [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:33:04 | 00,019,496 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016mdfl.sys -- (s0016mdfl [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-05-16 11:32:56 | 00,115,240 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\s0016bus.sys -- (s0016bus [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-02-11 15:57:10 | 00,070,272 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf [Auto | Running]) DRV:[b]64bit:[/b] - [2008-01-18 23:47:14 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2008-01-09 11:28:20 | 00,034,032 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\DRIVERS\seehcri.sys -- (seehcri [On_Demand | Running]) DRV:[b]64bit:[/b] - [2007-12-06 10:51:00 | 00,391,680 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Running]) DRV:[b]64bit:[/b] - [2007-07-18 22:15:12 | 00,432,640 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running]) DRV:[b]64bit:[/b] - [2007-04-10 18:50:20 | 00,880,640 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr [On_Demand | Running]) DRV:[b]64bit:[/b] - [2006-11-02 07:28:10 | 00,273,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped]) DRV:[b]64bit:[/b] - [2006-10-31 17:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV:[b]64bit:[/b] - [2006-08-25 14:36:52 | 00,039,208 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv [System | Running]) DRV - [2009-09-26 01:42:40 | 01,742,896 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091019.002\EX64.SYS -- (NAVEX15 [On_Demand | Running]) DRV - [2009-09-26 01:42:40 | 00,116,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091019.002\ENG64.SYS -- (NAVENG [On_Demand | Running]) DRV - [2009-09-10 22:10:17 | 00,466,480 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090916.003\IDSvia64.sys -- (IDSVia64 [System | Running]) DRV - [2009-08-27 10:00:00 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl [System | Running]) DRV - [2009-08-27 10:00:00 | 00,132,656 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running]) DRV - [2008-10-31 19:13:06 | 00,014,080 | ---- | M] (Samsung Electronics, Inc. ) -- C:\Windows\system32\drivers\MTictwl.sys -- (NaturalColor [System | Running]) DRV - [2007-12-18 01:14:12 | 00,014,392 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running]) DRV - [2006-09-18 23:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running]) DRV - [2006-09-18 23:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 23 BD 70 2D BF 28 CA 01 [binary data] IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\S-1-5-21-1762677132-2822316560-4059749007-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.1 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.2.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.2 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..network.proxy.type: 2 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-29 20:59:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009-10-09 17:22:13 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009-10-09 17:22:12 | 00,000,000 | ---D | M] [2009-02-17 14:05:49 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Extensions [2009-02-17 14:05:49 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-10-19 18:47:53 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions [2009-06-29 21:49:57 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-02-17 14:10:20 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2009-09-23 21:23:16 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2009-07-01 20:31:57 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2009-08-10 20:41:03 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2009-10-01 18:50:05 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\firebug@software.joehewitt.com [2009-09-11 18:50:49 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\mozilla\Firefox\Profiles\3l6t224d.default\extensions\piclens@cooliris.com [2009-03-15 13:45:25 | 00,001,196 | ---- | M] () -- C:\Users\Jarek\AppData\Roaming\Mozilla\FireFox\Profiles\3l6t224d.default\searchplugins\winamp-search.xml [2009-10-19 18:37:05 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009-10-09 17:22:12 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-03-25 13:41:32 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-08-05 19:22:29 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009-08-24 22:23:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll [2009-08-24 22:23:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll [2009-07-25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2009-08-24 22:23:38 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2009-08-24 21:19:13 | 00,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-24 21:19:13 | 00,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-24 21:19:13 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2009-08-24 21:19:13 | 00,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-24 21:19:13 | 00,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-24 21:19:13 | 00,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-24 21:19:13 | 00,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.7.2.11\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Jarek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-781CD0E19F00} - No CLSID value found. O3 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.EXE (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [CPU Power Monitor] C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe () O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [EPSON Stylus Photo RX585 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICLE.EXE File not found O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [FlashGet] C:\Program Files (x86)\FlashGet Network\FlashGet universal\flashget.exe (FLASHGET) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [Nowe Gadu-Gadu] C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKU\S-1-5-21-1762677132-2822316560-4059749007-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - Startup: C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\E-mail — skrót.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8:[b]64bit:[/b] - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8:[b]64bit:[/b] - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O8:[b]64bit:[/b] - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/pl-pl/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\brx {9C160F90-74D1-11D3-AB60-0060977C1F29} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\brx {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Common Files\BricsCad\BrxProtIE.dll (BricsCad) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{368b0409-909b-11de-8902-001e8c8e1e4f}\Shell\AutoRun\command - "" = RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe O33 - MountPoints2\{368b0409-909b-11de-8902-001e8c8e1e4f}\Shell\open\command - "" = RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [b]64bit:[/b] O35 - comfile [open] -- "%1" %* File not found [b]64bit:[/b] O35 - exefile [open] -- "%1" %* File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-09-27 14:04:12 | 00,000,000 | -H-D | C] -- C:\ProgramData\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} [2009-10-15 17:41:42 | 00,000,000 | ---D | C] -- C:\ProgramData\Panasonic [2009-10-04 21:46:55 | 00,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Notepad++ [2009-10-15 17:40:43 | 00,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Panasonic [2009-10-04 21:46:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++ [2009-10-15 17:37:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panasonic [2009-10-19 18:56:39 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe [2009-10-18 22:59:08 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\TS-119219_ENG [2009-10-18 22:59:01 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\M_TS-119_20090313_V2-3-0_ENG [2009-10-18 22:17:58 | 02,321,304 | ---- | C] (A9Tech, Inc. ) -- C:\Users\Jarek\Desktop\A9ConverterSetup.exe [2009-10-18 20:51:18 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jarek\Desktop\HiJackThis.exe [2009-10-16 14:31:35 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2009-10-16 14:31:03 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL [2009-10-16 14:31:03 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL [2009-10-16 14:30:53 | 05,940,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll [2009-10-16 14:30:52 | 09,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2009-10-16 14:30:51 | 12,461,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2009-10-16 14:30:50 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll [2009-10-16 14:30:50 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2009-10-16 14:30:50 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll [2009-10-16 14:30:50 | 01,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2009-10-16 14:30:50 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll [2009-10-16 14:30:50 | 01,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2009-10-16 14:30:50 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2009-10-16 14:30:50 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2009-10-16 14:30:50 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2009-10-16 14:30:49 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2009-10-16 14:30:49 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2009-10-16 14:30:49 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2009-10-16 14:30:49 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2009-10-16 14:30:49 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2009-10-16 14:30:49 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2009-10-16 14:30:48 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2009-10-16 14:30:48 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2009-10-16 14:30:48 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2009-10-16 14:30:48 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2009-10-16 14:30:48 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2009-10-16 14:30:48 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2009-10-16 14:30:48 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2009-10-16 14:30:48 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2009-10-16 14:30:48 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2009-10-16 14:30:48 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2009-10-16 14:30:48 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2009-10-16 14:30:48 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2009-10-16 14:30:48 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2009-10-16 14:30:48 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2009-10-16 14:30:48 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll [2009-10-16 14:30:48 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2009-10-16 14:30:48 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2009-10-16 14:30:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2009-10-16 14:30:48 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2009-10-16 14:30:47 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb [2009-10-16 14:30:47 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb [2009-10-16 14:30:47 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2009-10-16 14:30:40 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll [2009-10-16 14:30:40 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll [2009-10-16 14:30:33 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys [2009-10-16 14:30:28 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll [2009-10-16 14:30:28 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll [2009-10-15 19:41:51 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\aaaaa [2009-10-15 17:40:27 | 00,000,000 | ---D | C] -- C:\MC_TMP [2009-10-15 17:38:43 | 00,039,208 | ---- | C] (B.H.A Corporation) -- C:\Windows\SysNative\drivers\cdrbsdrv.sys [2009-10-15 17:38:42 | 00,145,504 | ---- | C] (B.H.A Corporation) -- C:\Windows\SysWow64\bgsvcgen.exe [2009-10-15 17:38:42 | 00,059,488 | ---- | C] (B.H.A Corporation) -- C:\Windows\SysWow64\GenSvcInst.exe [2009-10-13 18:28:41 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\promocje [2009-10-09 17:17:39 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\Nowy folder [2009-10-09 16:58:11 | 75,843,616 | ---- | C] (AVG Technologies) -- C:\Users\Jarek\Desktop\avg_free_stf_eu_85_420a1708.exe [2009-10-08 20:07:06 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\allegr [2009-09-26 21:39:28 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\polos [2009-09-26 19:39:03 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\zx_instrukcja [2009-09-23 23:19:47 | 00,000,000 | ---D | C] -- C:\dell [2009-09-23 22:30:23 | 00,000,000 | ---D | C] -- C:\Users\Jarek\Desktop\SYNOLOGY DS107 [2009-08-15 12:13:18 | 00,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeF316.dll [2009-08-08 20:18:37 | 00,099,840 | R--- | C] ( ) -- C:\Windows\SysWow64\Zipdll.dll [2009-08-08 20:18:37 | 00,094,208 | R--- | C] ( ) -- C:\Windows\SysWow64\Unzdll.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-10-19 18:57:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe [2009-10-19 18:55:06 | 00,000,474 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A4CBE02B-D97B-4CAD-93F7-05A0CA424710}.job [2009-10-19 18:36:45 | 00,074,855 | ---- | M] () -- C:\ProgramData\nvModes.dat [2009-10-19 18:36:44 | 00,074,855 | ---- | M] () -- C:\ProgramData\nvModes.001 [2009-10-19 18:36:38 | 00,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009-10-19 18:36:37 | 00,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009-10-19 18:36:34 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009-10-19 18:36:29 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009-10-19 18:36:20 | 42,940,41600 | -HS- | M] () -- C:\hiberfil.sys [2009-10-18 23:10:12 | 02,853,360 | -H-- | M] () -- C:\Users\Jarek\AppData\Local\IconCache.db [2009-10-18 22:59:03 | 02,338,857 | ---- | M] () -- C:\Users\Jarek\Desktop\TS-119219_ENG.zip [2009-10-18 22:58:26 | 06,842,567 | ---- | M] () -- C:\Users\Jarek\Desktop\M_TS-119_20090313_V2-3-0_ENG.zip [2009-10-18 22:18:10 | 02,321,304 | ---- | M] (A9Tech, Inc. ) -- C:\Users\Jarek\Desktop\A9ConverterSetup.exe [2009-10-18 20:53:11 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jarek\Desktop\HiJackThis.exe [2009-10-17 16:50:20 | 30,343,167 | ---- | M] () -- C:\Users\Jarek\Documents\TempImage.nrg [2009-10-16 17:40:09 | 00,001,724 | -H-- | M] () -- C:\Users\Jarek\Documents\Default.rdp [2009-10-15 19:07:06 | 01,468,980 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2009-10-15 19:07:06 | 00,661,818 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2009-10-15 19:07:06 | 00,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2009-10-15 19:07:06 | 00,126,702 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2009-10-15 19:07:06 | 00,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2009-10-15 17:38:56 | 00,001,896 | ---- | M] () -- C:\Users\Public\Desktop\HD Writer AE 1.0.lnk [2009-10-15 17:37:50 | 00,001,767 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer AE 1.0.lnk [2009-10-13 21:03:27 | 00,056,683 | ---- | M] () -- C:\Users\Jarek\Desktop\wwwzefir.jpg [2009-10-09 17:22:16 | 00,001,742 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009-10-09 17:02:38 | 75,843,616 | ---- | M] (AVG Technologies) -- C:\Users\Jarek\Desktop\avg_free_stf_eu_85_420a1708.exe [2009-10-05 23:31:58 | 00,049,664 | ---- | M] () -- C:\Users\Jarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-04 21:46:56 | 00,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Notepad++.lnk [2009-10-02 20:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe [2009-09-26 19:37:44 | 07,348,599 | ---- | M] () -- C:\Users\Jarek\Desktop\zx_instrukcja.zip [2009-09-25 05:53:56 | 79,573,180 | ---- | M] () -- C:\Users\Jarek\Desktop\Sam Naprawiam PEUGEOT 306 PL .pdf [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-18 22:58:54 | 02,338,857 | ---- | C] () -- C:\Users\Jarek\Desktop\TS-119219_ENG.zip [2009-10-18 22:58:00 | 06,842,567 | ---- | C] () -- C:\Users\Jarek\Desktop\M_TS-119_20090313_V2-3-0_ENG.zip [2009-10-17 16:28:21 | 30,343,167 | ---- | C] () -- C:\Users\Jarek\Documents\TempImage.nrg [2009-10-15 17:38:56 | 00,001,896 | ---- | C] () -- C:\Users\Public\Desktop\HD Writer AE 1.0.lnk [2009-10-15 17:37:50 | 00,001,767 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer AE 1.0.lnk [2009-10-13 21:03:25 | 00,056,683 | ---- | C] () -- C:\Users\Jarek\Desktop\wwwzefir.jpg [2009-10-04 21:46:56 | 00,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk [2009-10-02 07:55:23 | 00,001,742 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009-09-26 19:31:56 | 07,348,599 | ---- | C] () -- C:\Users\Jarek\Desktop\zx_instrukcja.zip [2009-09-25 05:49:35 | 79,573,180 | ---- | C] () -- C:\Users\Jarek\Desktop\Sam Naprawiam PEUGEOT 306 PL .pdf [2009-08-15 11:40:33 | 00,074,855 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009-08-15 11:25:58 | 00,074,855 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009-08-13 19:46:11 | 00,000,600 | ---- | C] () -- C:\Users\Jarek\AppData\Local\PUTTY.RND [2009-08-08 20:18:40 | 00,618,496 | R--- | C] () -- C:\Windows\SysWow64\stlpmt45.dll [2009-08-08 20:18:40 | 00,618,496 | R--- | C] () -- C:\Windows\SysWow64\stlp45.dll [2009-08-08 20:18:40 | 00,147,456 | R--- | C] () -- C:\Windows\SysWow64\vc4_jpeg.dll [2009-08-08 20:18:40 | 00,090,112 | R--- | C] () -- C:\Windows\SysWow64\sdr.dll [2009-08-08 20:18:39 | 04,677,632 | R--- | C] () -- C:\Windows\SysWow64\ri.dll [2009-08-08 20:18:39 | 00,040,720 | R--- | C] () -- C:\Windows\SysWow64\oledb32r.dll [2009-08-08 20:18:39 | 00,005,392 | R--- | C] () -- C:\Windows\SysWow64\oledb32x.dll [2009-08-08 20:18:38 | 00,315,904 | R--- | C] () -- C:\Windows\SysWow64\glu.dll [2009-08-08 20:18:38 | 00,172,032 | R--- | C] () -- C:\Windows\SysWow64\glut32.dll [2009-08-08 20:18:37 | 00,230,912 | R--- | C] () -- C:\Windows\SysWow64\Zipit.dll [2009-08-08 20:18:37 | 00,098,304 | R--- | C] () -- C:\Windows\SysWow64\VC4_TIFF.dll [2009-08-08 20:18:37 | 00,033,280 | R--- | C] () -- C:\Windows\SysWow64\SP32W.DLL [2009-08-08 20:18:37 | 00,008,192 | R--- | C] () -- C:\Windows\SysWow64\bcbmm.dll [2009-08-08 20:18:35 | 00,084,992 | R--- | C] () -- C:\Windows\SysWow64\HASPVB32.DLL [2009-07-12 17:06:38 | 00,000,680 | ---- | C] () -- C:\Users\Jarek\AppData\Local\d3d9caps.dat [2009-07-09 17:32:46 | 00,000,180 | ---- | C] () -- C:\Users\Jarek\AppData\Roaming\setup.log [2009-07-09 17:32:44 | 00,000,760 | ---- | C] () -- C:\Users\Jarek\AppData\Roaming\setup_ldm.iss [2009-07-01 19:44:41 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-07-01 19:44:19 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009-07-01 19:29:58 | 02,853,360 | -H-- | C] () -- C:\Users\Jarek\AppData\Local\IconCache.db [2009-06-09 21:22:01 | 00,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2009-06-09 21:22:01 | 00,014,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2009-06-09 21:21:59 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2009-06-09 21:21:59 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2009-06-06 17:55:57 | 00,368,656 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistMSI24F7.txt [2009-06-06 17:55:57 | 00,011,130 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistUI24F7.txt [2009-05-01 14:24:30 | 00,044,344 | ---- | C] () -- C:\Windows\SysWow64\drivers\EyeOneDp.sys [2009-05-01 14:24:30 | 00,012,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\Spyder3.sys [2009-03-16 19:37:24 | 00,012,802 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistUI6BB5.txt [2009-03-14 18:19:33 | 00,382,044 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistMSI13DB.txt [2009-03-14 18:19:33 | 00,011,140 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistUI13DB.txt [2009-03-14 18:18:56 | 00,560,836 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistMSI135F.txt [2009-03-14 18:18:55 | 00,014,336 | ---- | C] () -- C:\Users\Jarek\AppData\Local\dd_vcredistUI135F.txt [2009-02-18 19:04:29 | 00,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2009-02-18 19:00:12 | 00,000,026 | ---- | C] () -- C:\Windows\CDERX585EXPORT.ini [2009-02-02 20:00:21 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009-02-02 20:00:21 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2009-02-02 19:59:40 | 00,049,664 | ---- | C] () -- C:\Users\Jarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-01 20:05:57 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-02-01 19:37:22 | 00,023,300 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009-02-01 11:32:13 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2009-02-01 11:26:20 | 00,052,776 | ---- | C] () -- C:\Users\Jarek\AppData\Local\GDIPFONTCACHEV1.DAT [2009-02-01 11:25:59 | 00,000,732 | ---- | C] () -- C:\Users\Jarek\AppData\Local\d3d9caps64.dat [2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2007-08-01 05:39:28 | 00,012,536 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2006-11-02 17:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 17:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2006-11-02 14:34:27 | 00,000,256 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [color=#E56717]========== LOP Check ==========[/color] [2006-11-02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming [2006-11-02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs [2006-11-02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming [2006-11-02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs [2009-10-18 21:12:47 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming [2009-02-17 15:20:32 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Ahead [2009-10-19 19:04:21 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\BITS [2009-02-18 20:14:43 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\CORPUS [2009-04-25 19:15:26 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\DAEMON Tools Lite [2009-09-18 20:01:32 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Dexpot [2009-04-24 19:39:39 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Download Manager [2009-02-26 15:49:57 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\EPSON [2009-10-15 22:18:24 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\FileZilla [2009-02-02 19:52:59 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Foxit [2009-02-01 21:05:51 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Gadu-Gadu [2009-10-08 21:11:36 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\gtk-2.0 [2009-02-09 22:51:08 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\JAlbum [2006-11-02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Media Center Programs [2009-10-04 21:51:44 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Notepad++ [2009-02-19 20:56:44 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Nowe Gadu-Gadu [2009-03-15 17:27:07 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Nvu [2009-07-19 16:22:39 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\OpenFM [2009-02-01 21:47:56 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\OpenOffice.org [2009-08-17 19:42:21 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Opera [2009-10-15 17:40:43 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Panasonic [2009-06-12 19:27:05 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\SmartDraw [2009-03-22 12:59:43 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\Thinstall [2009-10-18 21:16:34 | 00,000,000 | ---D | M] -- C:\Users\Jarek\AppData\Roaming\uTorrent [2009-10-19 18:36:34 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2009-10-18 23:10:18 | 00,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009-10-19 18:55:06 | 00,000,474 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A4CBE02B-D97B-4CAD-93F7-05A0CA424710}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 650 bytes -> C:\Users\Jarek\Documents\allegro.eml:OECustomProperty @Alternate Data Stream - 482 bytes -> C:\Users\Jarek\Documents\Fw_.eml:OECustomProperty @Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:D00F0074 < End of report >

**Posty:** 18165 · przez **wojtas** 19 Paź 2009, 21:18

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (usuń co znajdzie )