Logi otl do sprawdzenia (komp muli + resety przeglądarki)

[Melonix]

Witam
Mam dwa problemy. Pierwszy to kwestia mulącego kompa (nie ma jakiejś tragedii ale kiedyś z pewnością działał szybciej). Druga kwestia to samoczynne resety przeglądarki internetowej. Problem z przeglądarką występuje niezależnie czy jest to IE, Firefox, Maxthon czy też Opera. (Polega to na tym, iż wyskakuje komunikat w stylu: nastąpił niespodziewany błąd - uruchom przeglądarkę ponownie). Dodatkowo zaniepokoiły mnie nieznane programy w procesach systemowych. Poniżej logi z OTL

OTL:

Kod: Zaznacz wszystko

OTL logfile created on: 2009-10-24 15:43:47 - Run 1
OTL by OldTimer - Version 3.0.22.1     Folder = C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,48 Mb Total Physical Memory | 222,81 Mb Available Physical Memory | 43,56% Memory free
1,01 Gb Paging File | 0,58 Gb Available in Paging File | 57,67% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 7,23 Gb Free Space | 14,81% Space Free | Partition Type: NTFS
Drive D: | 137,48 Gb Total Space | 7,59 Gb Free Space | 5,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 26,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: A-E7E581A9253C4
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-10-24 15:37:36 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\OTL.exe
PRC - [2009-09-12 11:28:14 | 00,114,688 | ---- | M] () -- C:\Program Files\blueconnect\blueconnect.exe
PRC - [2009-08-28 13:13:02 | 00,832,808 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008-12-23 10:54:01 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008-10-17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008-10-11 19:07:14 | 00,659,456 | ---- | M] (Steamcore.se) -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\Screamer Radio\screamer.exe
PRC - [2007-11-14 12:54:24 | 02,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2007-08-23 14:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007-06-13 08:16:02 | 00,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2006-11-23 15:10:42 | 00,056,928 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004-08-04 01:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-04 00:44:24 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2003-12-12 11:31:00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2003-12-12 06:40:50 | 00,397,312 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-12 11:57:23 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2009-06-05 23:00:14 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008-12-23 10:54:01 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [On_Demand | Running])
SRV - [2008-10-17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice [Auto | Running])
SRV - [2008-10-17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Auto | Running])
SRV - [2008-10-17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Auto | Running])
SRV - [2008-10-17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Auto | Running])
SRV - [2007-08-23 14:35:00 | 03,192,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2007-08-23 14:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
SRV - [2005-08-08 06:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Stopped])
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2003-12-12 11:31:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2003-12-12 06:40:50 | 00,397,312 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-04-12 14:50:49 | 00,028,400 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2009-02-25 11:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2009-02-19 13:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP [On_Demand | Running])
DRV - [2009-02-19 13:31:42 | 00,031,280 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM [On_Demand | Stopped])
DRV - [2009-02-19 13:31:16 | 00,184,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2009-02-19 13:31:16 | 00,096,560 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2009-02-19 13:31:16 | 00,038,576 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS [On_Demand | Running])
DRV - [2009-02-19 13:31:16 | 00,037,424 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS [On_Demand | Running])
DRV - [2009-02-19 13:31:16 | 00,022,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2009-02-19 13:31:16 | 00,013,616 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS [On_Demand | Running])
DRV - [2009-02-19 11:00:00 | 00,876,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090321.019\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2009-02-19 11:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090321.019\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2008-12-23 11:01:34 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2008-12-05 00:57:50 | 00,250,224 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090310.004\SymIDSCo.sys -- (SYMIDSCO [On_Demand | Running])
DRV - [2008-09-05 15:31:42 | 00,447,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [System | Running])
DRV - [2008-07-30 18:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\COH_Mon.sys -- (COH_Mon [On_Demand | Stopped])
DRV - [2008-07-24 12:02:36 | 00,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Running])
DRV - [2007-12-01 00:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS -- (SRTSPL [On_Demand | Stopped])
DRV - [2007-12-01 00:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS -- (SRTSP [System | Running])
DRV - [2007-12-01 00:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS -- (SRTSPX [System | Running])
DRV - [2007-04-23 15:54:50 | 00,100,488 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mgmt.sys -- (s115mgmt [On_Demand | Stopped])
DRV - [2007-04-23 15:54:50 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115obex.sys -- (s115obex [On_Demand | Stopped])
DRV - [2007-04-23 15:54:48 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mdm.sys -- (s115mdm [On_Demand | Stopped])
DRV - [2007-04-23 15:54:48 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mdfl.sys -- (s115mdfl [On_Demand | Stopped])
DRV - [2007-04-23 15:54:46 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115bus.sys -- (s115bus [On_Demand | Stopped])
DRV - [2005-04-18 13:30:20 | 00,805,440 | R--- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])
DRV - [2005-03-05 02:10:38 | 00,157,696 | R--- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2005-02-11 10:24:24 | 00,079,488 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k750obex.sys -- (k750obex [On_Demand | Stopped])
DRV - [2005-02-11 10:22:48 | 00,081,728 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped])
DRV - [2005-02-11 10:21:10 | 00,089,872 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped])
DRV - [2005-02-11 10:21:02 | 00,006,576 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped])
DRV - [2005-02-11 10:19:20 | 00,055,216 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped])
DRV - [2004-10-15 12:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys -- (BrScnUsb [On_Demand | Running])
DRV - [2004-08-04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2004-08-04 00:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2003-12-12 06:50:04 | 00,647,680 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2002-07-17 08:53:02 | 00,016,877 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32 [System | Running])
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2001-08-17 22:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\sfmanm.sys -- (sfman [On_Demand | Stopped])
DRV - [2001-08-17 22:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Stopped])
DRV - [2001-08-17 22:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Stopped])
DRV - [2001-08-17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Stopped])

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-10-24 15:37:36 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\OTL.exe
MOD - [2006-12-21 14:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2004-08-04 00:42:34 | 01,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-789336058-220523388-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-789336058-220523388-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-789336058-220523388-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-789336058-220523388-682003330-1003\S-1-5-21-789336058-220523388-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: SignPlugin@bph.pl:1.3.0.90
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-09-12 11:57:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 00:29:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-12 11:57:45 | 00,000,000 | ---D | M]

[2008-12-14 20:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\mozilla\Extensions
[2008-12-14 20:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-02 15:26:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\mozilla\Firefox\Profiles\nfo5j38d.default\extensions
[2008-12-26 13:52:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\mozilla\Firefox\Profiles\nfo5j38d.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009-05-12 00:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\mozilla\Firefox\Profiles\nfo5j38d.default\extensions\SignPlugin@bph.pl
[2009-10-23 02:14:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-12 00:29:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-08-23 16:26:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-12 11:57:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009-09-12 00:29:13 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-12 00:29:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-09-12 11:57:24 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-12 00:29:17 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2001-09-10 06:47:38 | 00,103,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-07-26 12:02:06 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-03-30 20:27:19 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-03-30 20:27:19 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-03-30 20:27:19 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-03-30 20:27:19 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-03-30 20:27:19 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-03-30 20:27:19 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-789336058-220523388-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cmaudio]  File not found
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton AntiVirus\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-789336058-220523388-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-789336058-220523388-682003330-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-220523388-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/pi/components/SignActivX.cab (SignActivX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-09-09 21:40:51 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008-12-21 19:54:41 | 00,000,274 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-11 13:01:18 | 00,000,049 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{030f7fca-e656-11dd-94ef-003005560bbf}\Shell\Auto\command - "" = E:\fun.xls.exe -- File not found
O33 - MountPoints2\{1c7cbbde-d446-11dd-94bf-003005560bbf}\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\{1c7cbbde-d446-11dd-94bf-003005560bbf}\Shell\open\Command - "" = lcw.exe
O33 - MountPoints2\{2b179363-ed74-11dd-9509-003005560bbf}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{2b179363-ed74-11dd-9509-003005560bbf}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{33258c90-a85c-11de-9596-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{33258c90-a85c-11de-9596-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{33258c91-a85c-11de-9596-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{33258c91-a85c-11de-9596-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7020e716-9f7e-11de-958c-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{7020e716-9f7e-11de-958c-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{af239c6c-cf95-11dd-a6ee-806d6172696f}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{af239c6c-cf95-11dd-a6ee-806d6172696f}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-07-26 16:58:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\CyberLink
[2009-08-23 16:25:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype
[2009-07-29 15:48:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Sony Ericsson
[2009-07-29 15:48:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Teleca
[2009-07-29 16:22:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
[2009-07-26 16:58:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\CyberLink
[2009-07-29 16:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\MyPhoneExplorer
[2009-10-02 15:21:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Opera
[2009-07-27 11:09:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\ScanSoft
[2009-08-23 16:29:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Skype
[2009-08-23 16:32:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\skypePM
[2009-07-29 15:52:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Sony Ericsson
[2009-09-12 11:55:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Sun
[2009-07-29 16:01:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Teleca
[2009-10-02 15:21:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\Opera
[2009-07-29 15:53:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\Sony Ericsson
[2009-08-23 16:25:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009-07-29 15:52:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Ericsson Shared
[2009-07-29 15:52:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2009-09-12 11:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\blueconnect
[2009-10-16 21:53:32 | 00,000,000 | ---D | C] -- C:\Program Files\Cool PDF Reader 2
[2009-07-26 16:55:05 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009-08-17 13:31:24 | 00,000,000 | ---D | C] -- C:\Program Files\DBF Viewer 2000
[2009-09-12 11:59:19 | 00,000,000 | ---D | C] -- C:\Program Files\ELRATY DESKTOP
[2009-09-12 11:57:17 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009-07-29 16:22:19 | 00,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2009-10-02 15:20:36 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009-08-23 16:25:49 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009-07-29 15:52:00 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2009-10-24 15:37:34 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\OTL.exe
[2009-10-24 14:38:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\Lama, Betterwara, Nicolas
[2009-10-24 12:58:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009-10-24 10:50:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009-10-24 04:09:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009-10-24 04:09:42 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009-10-24 04:09:41 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009-10-24 04:00:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009-10-15 15:49:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\NLP & Samodoskonalenie
[2009-09-12 11:57:45 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009-09-12 11:57:44 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009-09-12 11:57:44 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009-09-12 11:57:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009-09-12 11:57:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009-09-12 11:30:19 | 00,621,056 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2009-09-12 11:30:19 | 00,113,664 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2009-09-12 11:30:19 | 00,101,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2009-09-12 11:30:19 | 00,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2009-09-05 15:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\gary (na własną rękę)
[2009-08-24 18:06:24 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2009-08-24 18:06:23 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009-08-24 18:06:22 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009-08-24 18:06:22 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009-08-17 14:13:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\dane do urlopów i wypadów
[2009-07-29 16:02:00 | 00,100,488 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mgmt.sys
[2009-07-29 16:01:56 | 00,098,568 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115obex.sys
[2009-07-29 16:01:43 | 00,108,680 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdm.sys
[2009-07-29 16:01:43 | 00,015,112 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdfl.sys
[2009-07-29 16:01:43 | 00,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cmnt.sys
[2009-07-29 16:01:43 | 00,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cm.sys
[2009-07-29 16:01:38 | 00,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115whnt.sys
[2009-07-29 16:01:37 | 00,083,208 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115bus.sys
[2009-07-29 16:01:37 | 00,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115wh.sys
[2009-07-29 15:51:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009-07-27 11:09:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\Moje dokumenty programu PaperPort
[2009-07-26 18:12:39 | 00,045,056 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\WNASPI2K.BAK
[2009-07-26 18:12:39 | 00,005,600 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WINASPI.BAK
[2009-07-26 18:12:39 | 00,004,672 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WOWPOST.BAK
[2009-07-26 18:12:38 | 00,016,877 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI2K.BAK
[2009-07-26 16:56:33 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-10-24 15:37:36 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\OTL.exe
[2009-10-24 13:06:38 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-10-24 10:49:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-24 10:49:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-24 10:49:09 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009-10-21 22:22:37 | 00,079,360 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-20 23:15:16 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\Microsoft Word.lnk
[2009-10-20 19:07:47 | 00,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini
[2009-10-19 20:00:11 | 00,000,602 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - admin.job
[2009-10-18 21:48:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-10-16 21:53:33 | 00,000,685 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\Cool PDF Reader.lnk
[2009-10-05 23:36:06 | 00,000,366 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2009-10-05 23:31:01 | 00,000,447 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2009-10-02 15:20:46 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Opera.lnk
[2009-10-01 00:53:00 | 00,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2009-09-24 10:27:35 | 02,588,323 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\DSC02365_2.JPG
[2009-09-12 11:59:18 | 00,001,427 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\ED.lnk
[2009-09-12 11:57:22 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009-09-12 11:57:22 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009-09-12 11:57:22 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009-09-12 11:57:22 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009-09-12 11:57:21 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009-09-12 11:33:52 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-09-12 11:33:52 | 00,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-09-12 11:33:52 | 00,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-09-12 11:33:52 | 00,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-09-12 11:33:52 | 00,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-08-23 16:32:57 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-17 20:52:18 | 00,000,056 | ---- | M] () -- C:\WINDOWS\Kulki.ini
[2009-08-12 18:53:45 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\Nuance Image Printer Writer Port
[2009-08-05 16:12:57 | 00,029,184 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\formularz pcc-3 jak wypełnić.doc
[2009-08-05 16:08:53 | 00,090,329 | ---- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\formularz_pcc3.pdf
[2009-07-27 23:49:40 | 06,401,498 | -H-- | M] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\IconCache.db

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-16 21:53:33 | 00,000,685 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\Cool PDF Reader.lnk
[2009-10-02 15:20:46 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Opera.lnk
[2009-09-24 10:27:30 | 02,588,323 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\DSC02365_2.JPG
[2009-09-12 11:59:18 | 00,001,427 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Pulpit\ED.lnk
[2009-08-23 16:32:57 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-05 16:13:11 | 00,029,184 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\formularz pcc-3 jak wypełnić.doc
[2009-08-05 16:13:10 | 00,090,329 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Moje dokumenty\formularz_pcc3.pdf
[2009-07-27 11:09:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Nuance Image Printer Writer Port
[2009-06-06 14:25:11 | 00,000,056 | ---- | C] () -- C:\WINDOWS\Kulki.ini
[2009-06-06 01:01:31 | 00,023,920 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-06-05 10:18:41 | 00,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2009-06-05 10:18:34 | 00,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2009-05-20 20:32:39 | 00,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009-05-20 20:32:39 | 00,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009-05-20 20:26:45 | 00,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009-05-11 23:34:59 | 00,210,032 | ---- | C] () -- C:\WINDOWS\System32\DBCLIENT.DLL
[2009-04-27 22:47:30 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-04-27 22:47:27 | 00,453,138 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-04-27 22:47:25 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-04-27 22:47:25 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-04-27 22:47:25 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-04-27 22:47:21 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009-04-27 22:47:21 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-04-11 19:35:16 | 00,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009-02-07 18:26:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Route.INI
[2009-01-10 15:37:44 | 00,000,447 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009-01-10 15:37:01 | 00,000,366 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009-01-03 02:43:06 | 00,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2008-12-24 21:19:15 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-12-24 21:19:14 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008-12-24 20:40:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008-12-24 14:53:56 | 00,079,360 | ---- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-22 00:22:35 | 06,401,498 | -H-- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2008-12-22 00:19:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\desktop.ini
[2008-12-21 21:39:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\desktop.ini
[2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-07-17 11:36:38 | 00,028,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003-12-12 06:42:14 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2001-07-21 23:16:20 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-02 15:21:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji
[2009-06-05 10:22:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\ACD Systems
[2008-12-24 14:27:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Ashampoo
[2009-05-20 20:56:47 | 00,000,000 | R--D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Brother
[2009-07-26 16:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\CyberLink
[2009-10-24 15:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\foobar2000
[2008-09-09 23:27:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Gadu-Gadu
[2009-01-03 01:50:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\InterTrust
[2009-07-29 16:45:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\MyPhoneExplorer
[2009-10-02 15:21:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Opera
[2009-07-27 11:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\ScanSoft
[2009-07-29 16:02:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Teleca
[2009-08-16 00:13:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\uTorrent
[2009-01-15 15:20:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.A-E7E581A9253C4\Dane aplikacji\Watchtower
[2008-09-22 10:22:04 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2008-09-09 23:21:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2008-09-22 10:22:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2009-08-23 16:25:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji
[2009-05-20 20:22:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Brother
[2009-07-26 16:58:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\CyberLink
[2009-06-06 00:58:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\FLEXnet
[2009-05-20 20:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ScanSoft
[2009-07-29 15:52:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Teleca
[2009-07-29 16:22:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
[2008-09-09 23:32:20 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2008-12-21 21:39:35 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User.WINDOWS\Dane aplikacji
[2008-09-09 21:44:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2008-09-29 22:05:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji
[2008-10-06 12:08:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.000\Dane aplikacji
[2008-10-20 21:18:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.001\Dane aplikacji
[2008-10-26 21:54:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.002\Dane aplikacji
[2008-11-30 20:54:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.003\Dane aplikacji
[2008-12-14 19:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.004\Dane aplikacji
[2008-12-21 22:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.ZARZĄDZANIE NT.005\Dane aplikacji
[2008-09-09 21:44:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2008-09-29 22:05:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Dane aplikacji
[2008-10-06 12:08:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.000\Dane aplikacji
[2008-10-20 21:18:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.001\Dane aplikacji
[2008-10-26 21:54:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.002\Dane aplikacji
[2008-11-30 20:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.003\Dane aplikacji
[2008-12-14 19:02:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.004\Dane aplikacji
[2008-12-21 22:16:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT.005\Dane aplikacji
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-19 20:00:11 | 00,000,602 | ---- | M] () -- C:\WINDOWS\Tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - admin.job
[2009-10-24 10:49:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:8FF81EB0
< End of report >



[wojtas]

odinstaluj:

AskBarDis

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2008-12-21 19:54:41 | 00,000,274 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-11 13:01:18 | 00,000,049 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{030f7fca-e656-11dd-94ef-003005560bbf}\Shell\Auto\command - "" = E:\fun.xls.exe -- File not found
O33 - MountPoints2\{1c7cbbde-d446-11dd-94bf-003005560bbf}\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\{1c7cbbde-d446-11dd-94bf-003005560bbf}\Shell\open\Command - "" = lcw.exe
O33 - MountPoints2\{2b179363-ed74-11dd-9509-003005560bbf}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{2b179363-ed74-11dd-9509-003005560bbf}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{33258c90-a85c-11de-9596-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{33258c90-a85c-11de-9596-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{33258c91-a85c-11de-9596-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{33258c91-a85c-11de-9596-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7020e716-9f7e-11de-958c-000b6a5088b3}\Shell - "" = AutoRun
O33 - MountPoints2\{7020e716-9f7e-11de-958c-000b6a5088b3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008-10-26 19:52:16 | 00,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{af239c6c-cf95-11dd-a6ee-806d6172696f}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{af239c6c-cf95-11dd-a6ee-806d6172696f}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db1b3e60-05ac-11de-a5d3-00001cd72a97}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (usuń co znajdzie )