Komputer zwolnił

[baniol22]

Bardzo proszę o sprawdzenie logów

OTL.txt

Kod: Zaznacz wszystko

OTL logfile created on: 2012-03-22 17:56:41 - Run 1
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Documents and Settings\Admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,10 Mb Total Physical Memory | 222,57 Mb Available Physical Memory | 24,89% Memory free
2,12 Gb Paging File | 1,41 Gb Available in Paging File | 66,39% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,98 Gb Free Space | 41,57% Space Free | Partition Type: NTFS

Computer Name: BANIOL | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-22 00:13:46 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-21 23:03:58 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
PRC - [2012-03-21 22:27:36 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Valve\Steam\Steam.exe
PRC - [2012-03-14 15:45:20 | 000,161,736 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-03-09 17:55:46 | 000,723,968 | ---- | M] () -- C:\Program Files\Microsoft Standart Files\svhost.exe
PRC - [2012-02-26 14:22:17 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012-02-24 09:18:02 | 010,441,728 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-02-10 16:30:02 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe
PRC - [2008-06-20 12:11:04 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe
PRC - [2008-06-20 12:08:24 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-06-10 11:14:42 | 000,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe
PRC - [2008-06-10 11:14:14 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe
PRC - [2008-06-10 11:11:34 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe
PRC - [2008-06-10 11:11:04 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-03-22 00:13:44 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-03-21 22:31:29 | 020,297,512 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\libcef.dll
MOD - [2012-03-21 22:31:27 | 001,099,576 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avcodec-53.dll
MOD - [2012-03-21 22:31:27 | 000,907,048 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\chromehtml.dll
MOD - [2012-03-21 22:31:27 | 000,190,776 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avformat-53.dll
MOD - [2012-03-21 22:31:27 | 000,123,192 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avutil-51.dll
MOD - [2012-03-16 14:48:42 | 008,527,520 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012-03-09 17:55:46 | 000,723,968 | ---- | M] () -- C:\Program Files\Microsoft Standart Files\svhost.exe
MOD - [2012-02-24 21:54:58 | 001,186,304 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-02-16 21:14:14 | 000,972,288 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-01-09 19:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010-08-25 10:41:20 | 000,304,640 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008-06-10 11:14:36 | 000,589,824 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2008-06-10 11:14:30 | 000,237,568 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhRecovery.dll
MOD - [2006-01-25 15:48:36 | 000,032,768 | ---- | M] () -- C:\Program Files\Livebox\Launcher\WatchClient.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-03-14 15:45:20 | 000,161,736 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Admin\USTAWI~1\Temp\uwtdqpod.sys -- (uwtdqpod)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NSNDIS5.SYS -- (NSNDIS5)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-03-14 13:18:01 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\baniol\Gry\Interlude\system\npkcrypt.sys -- (npkcrypt)
DRV - [2012-02-12 14:12:46 | 001,414,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011-05-24 00:38:46 | 001,979,328 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2009-03-16 23:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2006-06-28 18:25:24 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2006-02-27 07:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 00:13:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-19 23:03:27 | 000,000,000 | ---D | M]

[2012-02-12 14:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2012-02-13 21:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\orl9nqbe.default\extensions
[2012-02-18 14:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\ORL9NQBE.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\ORL9NQBE.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-03-22 00:13:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-08 18:54:35 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-08 18:54:35 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-08 18:54:35 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-08 18:54:35 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-08 18:54:35 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-08 18:54:35 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [svhost.exe] C:\Program Files\Microsoft Standart Files\svhost.exe ()
O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk = C:\Documents and Settings\Admin\Pulpit\epsxe\ePSXe.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C530840D-61A6-492D-B670-A27CBD89D012}: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-02-11 23:41:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55f365ac-6f66-11e1-89de-0016e3fc7637}\Shell - "" = AutoRun
O33 - MountPoints2\{55f365ac-6f66-11e1-89de-0016e3fc7637}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-21 23:18:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\fltk.org
[2012-03-21 23:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\epsxe
[2012-03-21 23:03:55 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
[2012-03-21 21:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Valve
[2012-03-21 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2012-03-19 23:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-03-19 23:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012-03-14 22:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Sun
[2012-03-14 21:13:26 | 009,709,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2012-03-14 21:13:26 | 004,304,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2012-03-14 21:13:26 | 000,364,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2012-03-14 21:13:26 | 000,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2012-03-14 21:13:26 | 000,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2012-03-14 21:13:23 | 002,158,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2012-03-14 21:13:22 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2012-03-14 21:13:22 | 000,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.Cpl
[2012-03-14 21:13:22 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2012-03-14 21:13:17 | 000,487,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2012-03-14 20:47:30 | 000,081,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2012-03-14 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-03-14 15:45:41 | 000,771,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-03-14 15:45:41 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-03-14 15:45:35 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-03-14 15:45:35 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-03-14 13:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\ToshibaSatelliteL30
[2012-03-14 13:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Fraps
[2012-03-14 13:01:29 | 000,000,000 | ---D | C] -- C:\Fraps
[2012-03-14 12:15:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012-03-14 12:14:06 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012-03-14 12:13:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012-03-14 12:07:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012-03-14 12:03:21 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012-03-14 12:01:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012-03-14 12:01:24 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012-03-13 19:25:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2012-03-13 19:21:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-03-13 19:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2012-03-13 19:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012-03-13 19:08:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012-03-13 19:02:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012-03-13 18:56:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012-03-13 18:56:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012-03-13 17:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Identities
[2012-03-13 16:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\ObviousIdea
[2012-03-13 16:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ObviousIdea
[2012-03-13 16:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\ObviousIdea
[2012-03-11 19:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Half-Life 2
[2012-03-11 18:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\booddanet
[2012-03-09 18:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Standart Files
[2012-03-06 19:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\LOVE
[2012-03-05 15:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2012-03-05 15:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\NapiProjekt
[2012-03-05 15:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-03-03 15:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\AP Tuner 3.08
[2012-03-03 15:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner
[2012-03-02 17:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\ashampoo
[2012-03-02 17:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012-03-01 13:59:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-02-21 20:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJSolutionMenu
[2012-02-21 20:37:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJMyPrinter
[2012-02-21 20:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJPLM
[2012-02-21 20:35:44 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550C.dll
[2012-02-21 20:35:44 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550L.dll
[2012-02-21 20:35:44 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550I.dll
[2012-02-21 20:35:44 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550U.dll
[2012-02-21 20:35:44 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2012-02-21 20:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Canon Easy-WebPrint EX
[2012-02-21 20:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012-02-21 20:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon Utilities
[2012-02-21 20:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon MP550 series Manual
[2012-02-21 20:31:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2012-02-21 20:31:16 | 000,272,384 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9Z.DLL
[2012-02-21 20:31:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012-02-21 20:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon MP550 series
[2012-02-21 20:31:03 | 000,090,112 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC550O.dll
[2012-02-21 20:30:58 | 000,178,176 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIU9Z.DLL
[2012-02-21 20:30:51 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012-02-21 20:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-22 15:43:51 | 007,597,975 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\02 Scary Monsters and Nice Sprites.mp3
[2012-03-22 14:37:35 | 000,000,555 | ---- | M] () -- C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk
[2012-03-22 14:37:29 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-22 14:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-21 23:03:58 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
[2012-03-21 22:53:38 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\duze448g.exe
[2012-03-21 21:52:23 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Counter-Strike.lnk
[2012-03-21 21:52:23 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Condition Zero.lnk
[2012-03-21 21:48:30 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Steam.lnk
[2012-03-19 23:14:43 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-03-19 20:41:11 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-16 15:19:35 | 000,065,142 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Laugh And Applause-SoundBible.com-1359854750.mp3
[2012-03-16 14:48:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-03-15 11:27:39 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-03-14 23:35:30 | 000,491,288 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-03-14 23:35:30 | 000,433,112 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-03-14 23:35:30 | 000,084,500 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-03-14 23:35:30 | 000,068,068 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-03-14 23:32:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-03-14 21:17:05 | 004,554,501 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Marilyn Manson-Tourniquet pobrano z ulub_pl.mp3
[2012-03-14 20:47:30 | 000,081,920 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2012-03-14 15:45:20 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-03-14 15:45:20 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-03-14 15:45:20 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-03-14 15:45:20 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-03-14 15:45:19 | 000,771,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-03-14 15:45:19 | 000,686,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-03-14 13:26:16 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Lineage2Dex.EXE.lnk
[2012-03-14 13:01:30 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Fraps.lnk
[2012-03-13 19:02:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2012-03-13 12:45:15 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-03-12 20:48:07 | 000,015,435 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\marzec - mamy.odt
[2012-03-11 21:00:58 | 002,997,635 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Za Szybcy Sie Wsciekli.mp3
[2012-03-11 20:59:50 | 003,330,330 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Wstrzas Dla Mas.mp3
[2012-03-11 20:26:49 | 001,648,431 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Van Halen - Eruption.mp3
[2012-03-11 20:24:19 | 002,732,231 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Jimi Hendrix - Purple Haze.mp3
[2012-03-11 19:12:35 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Half-Life 2.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Video.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Pictures.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Passwords.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\New Folder.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Music.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Documents.lnk
[2012-03-08 22:11:31 | 000,000,136 | RHS- | M] () -- C:\Documents and Settings\Admin\autorun.inf
[2012-03-07 11:42:29 | 000,057,344 | RHS- | M] () -- C:\Documents and Settings\Admin\diefioj.scr
[2012-03-01 14:01:34 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-02-26 20:25:28 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\play.m3u
[2012-02-22 21:48:27 | 041,330,674 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Madafakerski Madafaker Dissuje Gargamela.flv
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-03-22 15:41:23 | 007,597,975 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\02 Scary Monsters and Nice Sprites.mp3
[2012-03-21 23:18:06 | 000,000,555 | ---- | C] () -- C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk
[2012-03-21 23:18:06 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\Admin\Menu Start\Programy\ePSXe 1.7.0.lnk
[2012-03-21 22:53:38 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\duze448g.exe
[2012-03-21 21:52:23 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Counter-Strike.lnk
[2012-03-21 21:52:23 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Condition Zero.lnk
[2012-03-21 21:48:30 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Steam.lnk
[2012-03-19 23:14:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-03-16 15:19:34 | 000,065,142 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Laugh And Applause-SoundBible.com-1359854750.mp3
[2012-03-14 21:16:47 | 004,554,501 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Marilyn Manson-Tourniquet pobrano z ulub_pl.mp3
[2012-03-14 21:13:46 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-03-14 21:13:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-03-14 20:45:41 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-03-14 13:26:16 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Lineage2Dex.EXE.lnk
[2012-03-14 13:01:30 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Fraps.lnk
[2012-03-14 12:03:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-03-14 12:03:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012-03-13 12:45:15 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-03-12 20:48:06 | 000,015,435 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\marzec - mamy.odt
[2012-03-11 21:00:46 | 002,997,635 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Za Szybcy Sie Wsciekli.mp3
[2012-03-11 20:59:38 | 003,330,330 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Wstrzas Dla Mas.mp3
[2012-03-11 20:26:44 | 001,648,431 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Van Halen - Eruption.mp3
[2012-03-11 20:24:10 | 002,732,231 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Jimi Hendrix - Purple Haze.mp3
[2012-03-11 19:12:35 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Half-Life 2.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\Video.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\Pictures.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\Passwords.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\New Folder.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\Music.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Admin\Documents.lnk
[2012-03-08 22:11:31 | 000,000,136 | RHS- | C] () -- C:\Documents and Settings\Admin\autorun.inf
[2012-03-07 11:42:29 | 000,057,344 | RHS- | C] () -- C:\Documents and Settings\Admin\diefioj.scr
[2012-02-26 20:17:28 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\play.m3u
[2012-02-22 21:36:59 | 041,330,674 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Madafakerski Madafaker Dissuje Gargamela.flv
[2012-02-21 20:35:44 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\CNC173DD.TBL
[2012-02-13 15:05:53 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2012-02-12 14:38:46 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-02-12 14:38:46 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-02-12 14:38:45 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-02-12 14:38:43 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-02-12 00:31:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-02-12 00:30:28 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-11 23:48:17 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-11 23:43:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-02-11 23:38:14 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== LOP Check ==========[/color]

[2012-03-14 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\.minecraft
[2012-03-02 17:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Ashampoo
[2012-02-21 20:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Canon Easy-WebPrint EX
[2012-03-13 19:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DAEMON Tools Lite
[2012-03-21 23:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\fltk.org
[2012-02-15 17:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\LolClient
[2012-03-06 19:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\LOVE
[2012-03-05 15:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\NapiProjekt
[2012-03-13 16:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\ObviousIdea
[2012-02-12 22:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenOffice.org
[2012-03-22 18:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\uTorrent
[2012-02-12 13:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\WinBatch
[2012-03-02 17:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-02-21 20:31:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2012-02-21 20:37:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJMyPrinter
[2012-03-06 19:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJPLM
[2012-02-21 20:37:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJSolutionMenu
[2012-02-12 15:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Extras.txt

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2012-03-22 17:56:41 - Run 1
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Documents and Settings\Admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,10 Mb Total Physical Memory | 222,57 Mb Available Physical Memory | 24,89% Memory free
2,12 Gb Paging File | 1,41 Gb Available in Paging File | 66,39% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,98 Gb Free Space | 41,57% Space Free | Partition Type: NTFS

Computer Name: BANIOL | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE" = C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE:*:Enabled:SPEED2 -- ()
"C:\Program Files\Valve\Steam\Steam.exe" = C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Valve\Steam\SteamApps\baniol\counter-strike\hl.exe" = C:\Program Files\Valve\Steam\SteamApps\baniol\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panel sterowania ATI
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{414D0241-EDC9-4EE6-8925-2D6A847FB212}" = Disciples II - Mroczne Proroctwo
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.1.0.6
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{ORAHSS}.UninstallSuite" = Livebox
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AP Tuner 3.08" = AP Tuner 3.08
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Fraps" = Fraps
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.3.2 (Full)
"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"Need for Speed Underground 2" = Need for Speed Underground 2
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.10 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Half-Life 2" = Half-Life 2

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-02-26 18:45:22 | Computer Name = BANIOL | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 9.0.0.3250, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2012-03-09 10:57:36 | Computer Name = BANIOL | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd lollauncher.exe, wersja 0.0.0.0, moduł powodujący
błąd lollauncher.exe, wersja 0.0.0.0, adres błędu 0x001e8685.

Error - 2012-03-13 18:30:47 | Computer Name = BANIOL | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd mpc-hc.exe, wersja 1.6.1.4041, moduł powodujący
błąd splitter.ax, wersja 1.11.288.0, adres błędu 0x000080e6.

Error - 2012-03-14 10:39:31 | Computer Name = BANIOL | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca java.exe, wersja 6.0.290.11, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2012-03-16 19:43:10 | Computer Name = BANIOL | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca mpc-hc.exe, wersja 1.6.1.4041, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2012-03-21 14:01:24 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows User Mode Driver Framework z powodu
następującego błędu:   %%1053

Error - 2012-03-21 16:44:10 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Windows User Mode Driver Framework.

Error - 2012-03-21 16:44:10 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows User Mode Driver Framework z powodu
następującego błędu:   %%1053

Error - 2012-03-21 16:47:11 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Windows User Mode Driver Framework.

Error - 2012-03-21 16:47:11 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows User Mode Driver Framework z powodu
następującego błędu:   %%1053

Error - 2012-03-21 17:55:12 | Computer Name = BANIOL | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2012-03-21 17:55:29 | Computer Name = BANIOL | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2012-03-21 17:57:04 | Computer Name = BANIOL | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2012-03-22 09:32:07 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Windows User Mode Driver Framework.

Error - 2012-03-22 09:32:07 | Computer Name = BANIOL | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows User Mode Driver Framework z powodu
następującego błędu:   %%1053


< End of report >


I log z GMERa

Kod: Zaznacz wszystko

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-22 00:30:49
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8037GSX rev.DL230M
Running: duze448g.exe; Driver: C:\DOCUME~1\Admin\USTAWI~1\Temp\uwtdqpod.sys


---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2736] USER32.dll!SetWindowLongA  7E37C29D 5 Bytes  JMP 106C01A3 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2736] USER32.dll!SetWindowLongW  7E37C2BB 5 Bytes  JMP 106C0135 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2736] USER32.dll!GetWindowInfo   7E37C49C 5 Bytes  JMP 10450924 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2736] USER32.dll!TrackPopupMenu  7E3B531E 5 Bytes  JMP 10450ECF C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3580] ntdll.dll!LdrLoadDll                7C91632D 5 Bytes  JMP 01225B60 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)


[wojtas]

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
O4 - HKLM..\Run: [svhost.exe] C:\Program Files\Microsoft Standart Files\svhost.exe ()
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Video.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Pictures.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Passwords.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\New Folder.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Music.lnk
[2012-03-08 22:11:31 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\Admin\Documents.lnk
[2012-03-08 22:11:31 | 000,000,136 | RHS- | M] () -- C:\Documents and Settings\Admin\autorun.inf
[2012-03-07 11:42:29 | 000,057,344 | RHS- | M] () -- C:\Documents and Settings\Admin\diefioj.scr

:Files
C:\Program Files\Microsoft Standart Files

:Commands
[emptytemp]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).

[baniol22]

To ten po wykonaniu skryptu:

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\svhost.exe deleted successfully.
C:\Program Files\Microsoft Standart Files\svhost.exe moved successfully.
C:\Documents and Settings\Admin\Video.lnk moved successfully.
C:\Documents and Settings\Admin\Pictures.lnk moved successfully.
C:\Documents and Settings\Admin\Passwords.lnk moved successfully.
C:\Documents and Settings\Admin\New Folder.lnk moved successfully.
C:\Documents and Settings\Admin\Music.lnk moved successfully.
C:\Documents and Settings\Admin\Documents.lnk moved successfully.
C:\Documents and Settings\Admin\autorun.inf moved successfully.
C:\Documents and Settings\Admin\diefioj.scr moved successfully.
========== FILES ==========
C:\Program Files\Microsoft Standart Files folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 278288618 bytes
->Temporary Internet Files folder emptied: 33309712 bytes
->Java cache emptied: 320063 bytes
->FireFox cache emptied: 409799593 bytes
->Flash cache emptied: 17409 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 134979 bytes
RecycleBin emptied: 1347289313 bytes

Total Files Cleaned = 1 975,00 mb


OTL by OldTimer - Version 3.2.39.1 log created on 03222012_201528

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


I OTL.txt

Kod: Zaznacz wszystko

OTL logfile created on: 2012-03-22 20:23:53 - Run 2
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Documents and Settings\Admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,10 Mb Total Physical Memory | 435,09 Mb Available Physical Memory | 48,66% Memory free
2,12 Gb Paging File | 1,71 Gb Available in Paging File | 80,65% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 32,71 Gb Free Space | 43,89% Space Free | Partition Type: NTFS

Computer Name: BANIOL | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-22 00:13:46 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-21 23:03:58 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
PRC - [2012-03-21 22:27:36 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Valve\Steam\Steam.exe
PRC - [2012-03-14 15:45:20 | 000,161,736 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-02-26 14:22:17 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012-02-24 09:18:02 | 010,441,728 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-02-10 16:30:02 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe
PRC - [2008-06-20 12:11:04 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe
PRC - [2008-06-20 12:08:24 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-06-10 11:14:42 | 000,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe
PRC - [2008-06-10 11:14:14 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe
PRC - [2008-06-10 11:11:34 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe
PRC - [2008-06-10 11:11:04 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-03-22 00:13:44 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-03-21 22:31:29 | 020,297,512 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\libcef.dll
MOD - [2012-03-21 22:31:27 | 001,099,576 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avcodec-53.dll
MOD - [2012-03-21 22:31:27 | 000,907,048 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\chromehtml.dll
MOD - [2012-03-21 22:31:27 | 000,190,776 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avformat-53.dll
MOD - [2012-03-21 22:31:27 | 000,123,192 | ---- | M] () -- C:\Program Files\Valve\Steam\bin\avutil-51.dll
MOD - [2012-02-24 21:54:58 | 001,186,304 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-02-16 21:14:14 | 000,972,288 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2010-08-25 10:41:20 | 000,304,640 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008-06-10 11:14:36 | 000,589,824 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2008-06-10 11:14:30 | 000,237,568 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhRecovery.dll
MOD - [2006-01-25 15:48:36 | 000,032,768 | ---- | M] () -- C:\Program Files\Livebox\Launcher\WatchClient.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-03-14 15:45:20 | 000,161,736 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-02-10 17:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NSNDIS5.SYS -- (NSNDIS5)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-03-14 13:18:01 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\baniol\Gry\Interlude\system\npkcrypt.sys -- (npkcrypt)
DRV - [2012-02-12 14:12:46 | 001,414,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011-05-24 00:38:46 | 001,979,328 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2009-03-16 23:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2006-06-28 18:25:24 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2006-02-27 07:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 00:13:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-19 23:03:27 | 000,000,000 | ---D | M]

[2012-02-12 14:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2012-02-13 21:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\orl9nqbe.default\extensions
[2012-02-18 14:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\ORL9NQBE.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\ORL9NQBE.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-03-22 00:13:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-08 18:54:35 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-08 18:54:35 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-08 18:54:35 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-08 18:54:35 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-08 18:54:35 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-08 18:54:35 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk = C:\Documents and Settings\Admin\Pulpit\epsxe\ePSXe.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C530840D-61A6-492D-B670-A27CBD89D012}: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-02-11 23:41:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55f365ac-6f66-11e1-89de-0016e3fc7637}\Shell - "" = AutoRun
O33 - MountPoints2\{55f365ac-6f66-11e1-89de-0016e3fc7637}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-22 20:15:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-03-21 23:18:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\fltk.org
[2012-03-21 23:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\epsxe
[2012-03-21 23:03:55 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
[2012-03-21 21:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Valve
[2012-03-21 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2012-03-19 23:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-03-19 23:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012-03-14 22:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Sun
[2012-03-14 21:13:26 | 009,709,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2012-03-14 21:13:26 | 004,304,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2012-03-14 21:13:26 | 000,364,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2012-03-14 21:13:26 | 000,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2012-03-14 21:13:26 | 000,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2012-03-14 21:13:23 | 002,158,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2012-03-14 21:13:22 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2012-03-14 21:13:22 | 000,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.Cpl
[2012-03-14 21:13:22 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2012-03-14 21:13:17 | 000,487,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2012-03-14 20:47:30 | 000,081,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2012-03-14 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-03-14 15:45:41 | 000,771,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-03-14 15:45:41 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-03-14 15:45:35 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-03-14 15:45:35 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-03-14 13:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\ToshibaSatelliteL30
[2012-03-14 13:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Fraps
[2012-03-14 13:01:29 | 000,000,000 | ---D | C] -- C:\Fraps
[2012-03-14 12:15:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012-03-14 12:14:06 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012-03-14 12:13:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012-03-14 12:07:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012-03-14 12:03:21 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012-03-14 12:01:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012-03-14 12:01:24 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012-03-13 19:25:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2012-03-13 19:21:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-03-13 19:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2012-03-13 19:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012-03-13 19:08:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012-03-13 19:02:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012-03-13 18:56:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012-03-13 18:56:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012-03-13 17:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Identities
[2012-03-13 16:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\ObviousIdea
[2012-03-13 16:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ObviousIdea
[2012-03-13 16:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\ObviousIdea
[2012-03-11 19:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Half-Life 2
[2012-03-11 18:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\booddanet
[2012-03-06 19:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\LOVE
[2012-03-05 15:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2012-03-05 15:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\NapiProjekt
[2012-03-05 15:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-03-03 15:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\AP Tuner 3.08
[2012-03-03 15:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner
[2012-03-02 17:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-03-02 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\ashampoo
[2012-03-02 17:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012-03-01 13:59:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-02-21 20:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJSolutionMenu
[2012-02-21 20:37:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJMyPrinter
[2012-02-21 20:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJPLM
[2012-02-21 20:35:44 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550C.dll
[2012-02-21 20:35:44 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550L.dll
[2012-02-21 20:35:44 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550I.dll
[2012-02-21 20:35:44 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC550U.dll
[2012-02-21 20:35:44 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2012-02-21 20:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Canon Easy-WebPrint EX
[2012-02-21 20:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012-02-21 20:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon Utilities
[2012-02-21 20:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon MP550 series Manual
[2012-02-21 20:31:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2012-02-21 20:31:16 | 000,272,384 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9Z.DLL
[2012-02-21 20:31:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2012-02-21 20:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Canon MP550 series
[2012-02-21 20:31:03 | 000,090,112 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC550O.dll
[2012-02-21 20:30:58 | 000,178,176 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIU9Z.DLL
[2012-02-21 20:30:51 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012-02-21 20:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\Canon

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-22 20:18:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-22 15:43:51 | 007,597,975 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\02 Scary Monsters and Nice Sprites.mp3
[2012-03-22 14:37:35 | 000,000,555 | ---- | M] () -- C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk
[2012-03-22 14:37:29 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-21 23:03:58 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Pulpit\OTL.exe
[2012-03-21 22:53:38 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\duze448g.exe
[2012-03-21 21:52:23 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Counter-Strike.lnk
[2012-03-21 21:52:23 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Condition Zero.lnk
[2012-03-19 23:14:43 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-03-19 20:41:11 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-16 15:19:35 | 000,065,142 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Laugh And Applause-SoundBible.com-1359854750.mp3
[2012-03-16 14:48:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-03-15 11:27:39 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-03-14 23:35:30 | 000,491,288 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-03-14 23:35:30 | 000,433,112 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-03-14 23:35:30 | 000,084,500 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-03-14 23:35:30 | 000,068,068 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-03-14 23:32:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-03-14 21:17:05 | 004,554,501 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Marilyn Manson-Tourniquet pobrano z ulub_pl.mp3
[2012-03-14 20:47:30 | 000,081,920 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2012-03-14 15:45:20 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-03-14 15:45:20 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-03-14 15:45:20 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-03-14 15:45:20 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-03-14 15:45:19 | 000,771,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-03-14 15:45:19 | 000,686,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-03-14 13:26:16 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Lineage2Dex.EXE.lnk
[2012-03-14 13:01:30 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Fraps.lnk
[2012-03-13 19:02:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2012-03-13 12:45:15 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-03-12 20:48:07 | 000,015,435 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\marzec - mamy.odt
[2012-03-11 21:00:58 | 002,997,635 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Za Szybcy Sie Wsciekli.mp3
[2012-03-11 20:59:50 | 003,330,330 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Wstrzas Dla Mas.mp3
[2012-03-11 20:26:49 | 001,648,431 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Van Halen - Eruption.mp3
[2012-03-11 20:24:19 | 002,732,231 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Jimi Hendrix - Purple Haze.mp3
[2012-03-11 19:12:35 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Half-Life 2.lnk
[2012-03-01 14:01:34 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-02-26 20:25:28 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\play.m3u
[2012-02-22 21:48:27 | 041,330,674 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Madafakerski Madafaker Dissuje Gargamela.flv

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-03-22 15:41:23 | 007,597,975 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\02 Scary Monsters and Nice Sprites.mp3
[2012-03-21 23:18:06 | 000,000,555 | ---- | C] () -- C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\ePSXe 1.7.0.lnk
[2012-03-21 23:18:06 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\Admin\Menu Start\Programy\ePSXe 1.7.0.lnk
[2012-03-21 22:53:38 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\duze448g.exe
[2012-03-21 21:52:23 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Counter-Strike.lnk
[2012-03-21 21:52:23 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Condition Zero.lnk
[2012-03-19 23:14:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-03-16 15:19:34 | 000,065,142 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Laugh And Applause-SoundBible.com-1359854750.mp3
[2012-03-14 21:16:47 | 004,554,501 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Marilyn Manson-Tourniquet pobrano z ulub_pl.mp3
[2012-03-14 21:13:46 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-03-14 21:13:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-03-14 20:45:41 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012-03-14 13:26:16 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Lineage2Dex.EXE.lnk
[2012-03-14 13:01:30 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Fraps.lnk
[2012-03-14 12:03:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-03-14 12:03:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012-03-13 12:45:15 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-03-12 20:48:06 | 000,015,435 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\marzec - mamy.odt
[2012-03-11 21:00:46 | 002,997,635 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Za Szybcy Sie Wsciekli.mp3
[2012-03-11 20:59:38 | 003,330,330 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Pokahontaz - Wstrzas Dla Mas.mp3
[2012-03-11 20:26:44 | 001,648,431 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Van Halen - Eruption.mp3
[2012-03-11 20:24:10 | 002,732,231 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Jimi Hendrix - Purple Haze.mp3
[2012-03-11 19:12:35 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Half-Life 2.lnk
[2012-02-26 20:17:28 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\play.m3u
[2012-02-22 21:36:59 | 041,330,674 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Madafakerski Madafaker Dissuje Gargamela.flv
[2012-02-21 20:35:44 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\CNC173DD.TBL
[2012-02-13 15:05:53 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2012-02-12 14:38:46 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-02-12 14:38:46 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-02-12 14:38:45 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-02-12 14:38:43 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-02-12 00:31:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-02-12 00:30:28 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-11 23:48:17 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-11 23:43:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-02-11 23:38:14 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

< End of report >


[wojtas]

*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu

zaktualizuj zabezpieczenie :

>>> Java™ 6

napisz jak sytuacja z komputerem