
For some time now the same Windows update has kept popping up permanently (always one and the same: Security Update for Windows XP with Service Pack 3 (KB952069)). I don't know why this is happening. At first I installed it every time, then I couldn't be bothered any more and the yellow shield just stayed there, but now it is starting to annoy me and I would like to find out what is going on.
Besides that, it seems to me that for some time FF has been opening more slowly, but only the first launch after the system starts. Could you check the logs while you're at it?
And a third thing - I currently use the AVG antivirus (Free Edition), but I have the option of downloading McAfee for free. Do you think it's worth switching?
OTL log 1
OTL logfile created on: 2011-09-26 09:03:41 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Magda\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1022,11 Mb Total Physical Memory | 343,89 Mb Available Physical Memory | 33,65% Memory free
2,40 Gb Paging File | 1,82 Gb Available in Paging File | 75,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 6,46 Gb Free Space | 33,10% Space Free | Partition Type: NTFS
Drive D: | 92,25 Gb Total Space | 39,91 Gb Free Space | 43,27% Space Free | Partition Type: NTFS
Computer Name: MADZIA | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-09-26 09:02:16 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magda\Pulpit\OTL.exe
PRC - [2011-09-19 19:34:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-09-09 17:43:18 | 001,220,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-09-08 06:46:00 | 002,401,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-09-01 06:16:22 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-12 06:10:32 | 000,973,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-01-02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005-10-28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011-09-19 19:34:40 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010-10-09 10:17:19 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2af7e345\mscorlib.dll
MOD - [2010-10-09 10:17:16 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_82e9bb9d\system.drawing.dll
MOD - [2010-10-09 10:17:11 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_d9cf20b0\system.xml.dll
MOD - [2010-10-09 10:17:07 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9847009\system.windows.forms.dll
MOD - [2010-10-09 10:16:55 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_06b18662\system.dll
MOD - [2010-10-09 10:16:46 | 001,265,664 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2010-10-09 10:16:46 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010-02-27 16:32:21 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010-02-27 16:32:21 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010-02-27 16:32:21 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2010-02-27 16:32:21 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2010-02-27 16:32:21 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2010-02-27 16:31:57 | 000,237,568 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-02-27 16:31:57 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_pl_b77a5c561934e089\system.windows.forms.resources.dll
MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-09-01 06:16:22 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:30 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-07-11 01:13:46 | 000,229,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-07-11 01:13:42 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-06-12 16:14:31 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-06-12 16:14:30 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-06-02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-06-02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011-06-02 07:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011-06-02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011-05-14 14:51:46 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-12-21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-02-27 18:00:55 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008-04-13 20:40:50 | 000,149,376 | ---- | M] (M-Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tffsport.sys -- (tffsport)
DRV - [2006-10-12 10:52:04 | 004,387,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-05-23 23:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-09-30 12:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1614895754-515967899-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011-09-25 21:16:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-19 19:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-19 19:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010-02-27 17:04:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Extensions
[2011-05-04 19:51:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\a8cy9ez8.default\extensions
[2010-04-28 22:28:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\a8cy9ez8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-04 19:39:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\a8cy9ez8.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2011-06-25 14:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-20 23:18:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-13 19:17:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-01 14:22:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-02-09 22:44:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-05-15 15:22:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011-06-25 14:40:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-09-25 21:16:03 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011-05-15 15:22:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-09-19 19:34:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-03-22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-01-24 21:08:06 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2011-05-14 00:08:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-1614895754-515967899-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-515967899-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab (Windows Live Safety Center Base Module)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EB5A895-A0E6-4247-A3EF-3AA72E63AD14}: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-27 16:13:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-09-26 09:02:13 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Magda\Pulpit\OTL.exe
[2011-09-25 21:54:12 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011-09-25 21:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\AVG2012
[2011-09-25 21:16:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-25 21:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2012
[2011-09-25 21:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-09-25 21:13:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011-09-25 21:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011-09-25 21:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-09-19 20:44:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\A2 Entertainment
[2011-09-05 20:03:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Legends1
[2011-08-31 11:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Islands
[2011-08-31 09:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\PeaceCraft3
[2011-08-31 09:41:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10411042
[2011-08-31 08:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\aliasworlds
[2011-08-30 18:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PlayFirst
[2011-08-28 20:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\Twilight Games
[2011-08-28 15:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\Casual Box
[2011-08-28 15:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\dekovir
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-09-26 09:02:16 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magda\Pulpit\OTL.exe
[2011-09-26 08:53:55 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-515967899-839522115-1004.job
[2011-09-26 08:53:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-09-26 08:51:17 | 000,000,106 | ---- | M] () -- C:\Documents and Settings\Magda\default.pls
[2011-09-26 08:51:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-09-26 08:37:35 | 105,088,153 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011-09-25 21:37:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-515967899-839522115-1004.job
[2011-09-25 09:50:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-09-19 21:19:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-09-09 11:12:03 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-09-26 08:51:17 | 000,000,106 | ---- | C] () -- C:\Documents and Settings\Magda\default.pls
[2011-09-26 08:37:35 | 105,088,153 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011-06-27 21:59:04 | 000,983,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-06-25 18:04:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2011-06-12 16:14:31 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011-06-12 16:14:30 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-06-07 11:13:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-06-07 11:13:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-06-07 11:13:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-06-07 11:13:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-02-01 20:53:11 | 000,000,142 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010-11-11 13:01:29 | 000,001,651 | ---- | C] () -- C:\WINDOWS\System32\netmsmqa.exe
[2010-10-17 16:06:15 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-09-05 19:53:34 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Fakturka.ini
[2010-08-16 18:44:58 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010-06-29 22:32:59 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-23 15:16:41 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010-06-13 09:00:11 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010-03-13 21:21:05 | 000,000,980 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010-03-07 02:51:10 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-27 18:21:24 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-02-27 18:21:21 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-27 18:10:41 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-02-27 17:04:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-02-27 17:02:18 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-02-27 17:01:11 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-27 16:47:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-02-27 16:42:04 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-02-27 16:31:59 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-02-27 16:28:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-02-27 16:19:41 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010-02-27 16:07:58 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-06-07 16:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-07 16:16:12 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-01-28 20:50:44 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2004-08-04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004-08-04 14:00:00 | 000,504,178 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2004-08-04 14:00:00 | 000,444,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004-08-04 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2004-08-04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004-08-04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004-08-04 14:00:00 | 000,090,714 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2004-08-04 14:00:00 | 000,072,660 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004-08-04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004-08-04 14:00:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ipssec6.exe
[2004-08-04 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2004-08-04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004-08-04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-08-04 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003-07-30 11:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003-07-30 10:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-03-30 22:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll
[color=#E56717]========== LOP Check ==========[/color]
[2011-08-31 08:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\aliasworlds
[2011-08-30 13:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Artist Colony
[2011-09-25 21:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-09-26 08:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games
[2011-09-25 21:16:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-05-15 21:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-25 14:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-27 18:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-06-20 17:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2011-08-31 12:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Islands
[2010-09-04 18:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iWin
[2011-09-26 08:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-04-21 21:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2010-06-20 18:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-06-20 18:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-06-19 20:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Play
[2011-08-30 18:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PlayFirst
[2011-08-06 10:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-09-06 19:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-07-29 20:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm2
[2011-09-19 20:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\A2 Entertainment
[2010-08-26 18:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\AlderGames
[2011-04-03 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\aliasworlds
[2010-09-22 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Artifex Mundi
[2011-06-25 17:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Avanquest
[2010-11-26 23:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Avenue Flo - Special Delivery Strategy Guide
[2011-09-25 21:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\AVG2012
[2010-06-25 20:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\AVI ReComp
[2010-10-10 20:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Bear's dream
[2010-11-09 18:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Big Fish Games
[2010-09-20 22:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Big Splash Games
[2010-08-16 18:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\BitComet
[2010-09-04 17:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\blg
[2010-09-04 17:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Boolat Games
[2011-08-28 15:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Casual Box
[2011-05-15 21:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\DAEMON Tools Lite
[2010-02-27 17:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\DAEMON Tools Pro
[2011-08-28 15:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\dekovir
[2011-01-31 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\DivoGames
[2010-10-15 19:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Dreamscape_Saves
[2010-11-13 20:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Elephant Games
[2010-11-12 21:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\ERS Game Studios
[2010-12-25 14:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\ESET
[2011-06-13 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Farm 2
[2011-05-07 15:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Farm Mania 2.1
[2010-11-03 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\FarmerJane
[2010-06-20 18:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Floodlight Games
[2010-05-03 20:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\freshgames
[2010-09-20 22:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Friday's games
[2011-02-15 00:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Fugazo
[2010-02-27 18:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Gadu-Gadu 10
[2011-07-29 21:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Gamelab
[2010-07-04 23:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Gamers Digital
[2011-03-23 21:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\HdO Adventure
[2011-01-26 22:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Islands
[2011-06-23 20:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Islands2
[2010-09-04 18:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\iWin
[2010-11-10 13:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Jetdogs Studios
[2010-08-16 18:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Jumb-O-Fun Games
[2010-09-04 17:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Lonely Troops
[2011-03-06 20:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Ludia
[2011-03-14 17:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Magic Seeds
[2011-05-15 16:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\ManifestoGames
[2011-06-23 20:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Meridian93
[2010-03-22 20:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\My Games
[2011-04-21 21:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\NCH Swift Sound
[2010-06-06 14:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\NevoSoft Games
[2011-07-10 15:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PathToSuccess
[2010-06-20 18:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite
[2010-12-16 00:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PCToolsFirewallPlus
[2010-02-27 20:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PCToolsSpamMonitorPlus
[2010-05-14 21:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Peace Craft
[2010-09-01 12:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PeaceCraft2
[2011-08-31 09:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PeaceCraft3
[2011-04-23 19:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Ph03nixNewMedia
[2011-06-25 20:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PlayFirst
[2011-05-10 21:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\playmink
[2010-09-04 17:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Rabbit's Magic Adventures
[2010-11-28 19:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Roads Of Rome
[2010-11-13 19:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Robin Hood
[2011-07-18 19:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Rovio
[2010-11-04 16:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Sahmon Games
[2011-07-19 20:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Samsung
[2011-06-25 13:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Sarah's Emergency Hospital
[2010-04-03 18:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Scrabble Plus
[2010-12-16 00:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Spam Monitor
[2010-12-28 19:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Spark Plug Games
[2010-12-05 18:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Supermarket Mania 2
[2011-05-18 21:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\thejoyoffarming
[2010-11-04 19:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\TikGames
[2011-08-28 20:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Twilight Games
[2010-11-09 18:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Ubisoft
[2011-09-26 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\uTorrent
[2011-02-24 21:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\ViquaSoft
[2011-06-19 19:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\WendigoStudios
[2011-07-24 18:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\World-LooM
[2011-06-21 16:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\YoudaGames
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:78E0DF72
@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:084B0270
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:85AA7074
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:F5FC5DCE
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6E1F359F
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4B244549
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:18BFD8F8
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:86E0BFC8
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C3AD9507
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:517B507A
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:744478A2
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6268C8DB
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:073139EC
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DDEB08FD
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:16F4BC64
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E6708F08
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6423D635
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:12EA4DC9
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B1FBA7E1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:260575F1
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4673E9EA
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ADF211B1
< End of report >
OTL log 2
OTL Extras logfile created on: 2011-09-26 09:03:41 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Magda\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1022,11 Mb Total Physical Memory | 343,89 Mb Available Physical Memory | 33,65% Memory free
2,40 Gb Paging File | 1,82 Gb Available in Paging File | 75,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 6,46 Gb Free Space | 33,10% Space Free | Partition Type: NTFS
Drive D: | 92,25 Gb Total Space | 39,91 Gb Free Space | 43,27% Space Free | Partition Type: NTFS
Computer Name: MADZIA | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"27521:TCP" = 27521:TCP:*:Enabled:BitComet 27521 TCP
"27521:UDP" = 27521:UDP:*:Enabled:BitComet 27521 UDP
"16093:TCP" = 16093:TCP:*:Enabled:BitComet 16093 TCP
"16093:UDP" = 16093:UDP:*:Enabled:BitComet 16093 UDP
"49500:TCP" = 49500:TCP:*:Enabled:BitComet 49500 TCP
"49500:UDP" = 49500:UDP:*:Enabled:BitComet 49500 UDP
"6952:TCP" = 6952:TCP:*:Enabled:BitComet 6952
"6952:UDP" = 6952:UDP:*:Enabled:BitComet 6952
"26448:TCP" = 26448:TCP:*:Enabled:BitComet 26448 TCP
"26448:UDP" = 26448:UDP:*:Enabled:BitComet 26448 UDP
"14384:TCP" = 14384:TCP:*:Enabled:BitComet 14384 TCP
"14384:UDP" = 14384:UDP:*:Enabled:BitComet 14384 UDP
"6881:TCP" = 6881:TCP:*:Enabled:BitComet 6881 TCP
"6881:UDP" = 6881:UDP:*:Enabled:BitComet 6881 UDP
"63237:TCP" = 63237:TCP:*:Enabled:BitComet 63237 TCP
"63237:UDP" = 63237:UDP:*:Enabled:BitComet 63237 UDP
"21017:TCP" = 21017:TCP:*:Enabled:BitComet 21017 TCP
"21017:UDP" = 21017:UDP:*:Enabled:BitComet 21017 UDP
"23656:TCP" = 23656:TCP:*:Enabled:BitComet 23656 TCP
"23656:UDP" = 23656:UDP:*:Enabled:BitComet 23656 UDP
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\BitComet\BitComet.exe" = D:\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\U_Torrent\uTorrent.exe" = D:\U_Torrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"D:\Downloads\bigfish\Warcraft III\Warcraft III\Warcraft III.exe" = D:\Downloads\bigfish\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"C:\WINDOWS\Temp\mwfr\setup.exe" = C:\WINDOWS\Temp\mwfr\setup.exe:*:Enabled:nnmadltb
"C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe" = C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe:*:Enabled:SimpleSlideShowServer
"C:\Program Files\Samsung\AllShare\AllShare.exe" = C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:SamsungAllSharePCSW
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe" = C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:SamsungAllShareAgent
"C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe" = C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe:*:Enabled:SamsungAllShareServer
"C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe" = C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe:*:Enabled:SamsungAllShareHttpServer
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"D:\Downloads\Warcraft III\Warcraft III\Warcraft III.exe" = D:\Downloads\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 26
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{386B6902-74AD-4579-B0BF-8841E886F041}" = ATI Catalyst Control Center
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0}" = Windows Live Messenger
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{56839333-0802-40D6-9A50-EBB9EB2BF541}" = AVG 2012
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BEE464A-5F56-46F8-0072-07B873751045}" = Nero 7 Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1713E14-4A72-4DE1-B555-5354F710D51E}" = AVG 2012
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live
"{C5096D00-8B9C-41DB-8472-9D721E982DF0}" = Podstawowe programy Windows Live
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{E143D832-0B23-11D6-B58A-204C4F4F5020}" = Components Installer
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"AVI ReComp" = AVI ReComp 1.5.1
"Avisynth" = AviSynth 2.5
"Gadu-Gadu 10" = Gadu-Gadu 10
"HijackThis" = HijackThis 1.99.1
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0.2 (x86 pl)" = Mozilla Firefox 6.0.2 (x86 pl)
"OpenAL" = OpenAL
"SkanerOnline" = Skaner on-line mks_vir
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VobSub" = VobSub 2.23
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"www.research-lab.com" = www.research-lab.com
"Xvid_is1" = Xvid 1.2.2
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-1614895754-515967899-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2011-09-19 13:31:50 | Computer Name = MADZIA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.
Error - 2011-09-19 13:32:03 | Computer Name = MADZIA | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.
Error - 2011-09-25 14:49:29 | Computer Name = MADZIA | Source = McLogEvent | ID = 5004
Description =
Error - 2011-09-25 14:49:29 | Computer Name = MADZIA | Source = McLogEvent | ID = 5022
Description =
Error - 2011-09-25 14:49:29 | Computer Name = MADZIA | Source = McLogEvent | ID = 5004
Description =
Error - 2011-09-25 14:49:29 | Computer Name = MADZIA | Source = McLogEvent | ID = 5022
Description =
Error - 2011-09-25 15:34:12 | Computer Name = MADZIA | Source = ESENT | ID = 494
Description = Catalog Database (1464) Odzyskiwanie bazy danych zakończyło się niepomyślnie
z błędem -1216, ponieważ napotkano odwołania do bazy danych 'C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb',
której już nie ma. Baza danych nie została doprowadzona do spójnego stanu, zanim
została usunięta (możliwe też, że ją przeniesiono lub zmieniono jej nazwę). Aparat
bazy danych nie pozwoli na dokończenie odzyskiwania w wypadku tego wystąpienia,
dopóki brakująca baza danych nie zostanie przywrócona na miejsce. Jeśli baza danych
faktycznie nie jest już dostępna ani wymagana, skontaktuj się z działem pomocy
technicznej w celu uzyskania dodatkowych instrukcji dotyczących czynności, które
umożliwią przeprowadzenie operacji odzyskiwania bez tej bazy danych.
Error - 2011-09-25 15:34:12 | Computer Name = MADZIA | Source = ESENT | ID = 454
Description = Catalog Database (1464) Odzyskiwanie/przywracanie bazy danych nie
powiodło się z powodu nieoczekiwanego błędu: -1216.
Error - 2011-09-25 16:06:26 | Computer Name = MADZIA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 6.0.2.4262, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2011-09-26 02:39:46 | Computer Name = MADZIA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 6.0.2.4262, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
[ System Events ]
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:02 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:03 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 02:44:03 | Computer Name = MADZIA | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126
Error - 2011-09-26 03:06:50 | Computer Name = MADZIA | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku.
Uruchom
narzędzie chkdsk na woluminie C:.
< End of report >
GMER log
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-26 10:20:08
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD12 rev.01.0
Running: gmer.exe; Driver: C:\DOCUME~1\Magda\USTAWI~1\Temp\pwtdypoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAC578F3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAC578FE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAC579080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAC57911C]
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xAC4AE300, 0x22020, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xB97B7300, 0x1B7E, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[3616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00401410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x55 0x99 0x69 0xB9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBD 0x5D 0x02 0x43 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x98 0xF9 0x34 0x21 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE7 0xDD 0x54 0xE2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x15 0xA4 0x68 0x7E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x75 0xF9 0xF4 0xCA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x55 0x99 0x69 0xB9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBD 0x5D 0x02 0x43 ...
---- EOF - GMER 1.0.15 ----
I also have logs from DDS. If they are needed, I'll paste them.