Log HiJackThis 28.11.09

ďťż




	chomiki Log kontrolny - OTL 24.05.10 Proszę o sprawdzenie log'a, trojanDownloader.Wigon.bs Log kontrolny - 24.10.2008 moze ktos sprawdzic mi log?prosze Log kontrolny 22.01.10 LOG Meczy mnie reklamiarz Net zmulony - log Prosze o sprawdzenie log-a Log proszę o sprawdzenie SLAX Kill Bill zanotowane.pl doc.pisz.pl pdf.pisz.pl apv88.opx.pl	chomiki Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:51:01, on 2009-11-28 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20583) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\Program Files\Gadu-Gadu\gg.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Brother\Brmfcmon\brmfcwnd.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\4.0.255.0\npchrome_tab.dll O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.co...oUploader55.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com...ows-i586-jc.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.c...Plus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2391A5F8-7541-4215-B559-D5ED9B628B10}: NameServer = 213.241.79.37,213.241.79.38,195.114.161.61,195.114.181.130 O18 - Protocol hijack: cf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MySql - Unknown owner - c:\krasnal/MYSQL/bin/mysqld.exe O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 6293 bytes Panda Cloud Antivirus daje do kwarantanny plik C:\WINDOWS\system32\sfc_os.dll ale nie radzi sobie z nim - pliczek się "odradza". Podaj logi z OTL (klikasz Run Scan i czekasz aż powstanie log) oraz GMER Przeskanuj ten plik na http://virusscan.jotti.org/ i podaj wyniki OTL logfile created on: 2009-11-28 13:51:41 - Run 1 OTL by OldTimer - Version 3.1.11.1 Folder = H:\Instalki Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000415 \| Country: Polska \| Language: PLK \| Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory \| 1,01 Gb Available Physical Memory \| 67,64% Memory free 3,35 Gb Paging File \| 2,99 Gb Available in Paging File \| 89,22% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 20,00 Gb Total Space \| 5,30 Gb Free Space \| 26,52% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: \| 120,00 Gb Total Space \| 29,85 Gb Free Space \| 24,88% Space Free \| Partition Type: NTFS Drive G: \| 30,01 Gb Total Space \| 2,72 Gb Free Space \| 9,07% Space Free \| Partition Type: NTFS Drive H: \| 62,88 Gb Total Space \| 0,72 Gb Free Space \| 1,14% Space Free \| Partition Type: NTFS I: Drive not present or media not loaded Computer Name: TOMEK Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009-11-28 13:50:37 \| 00,535,040 \| ---- \| M] (OldTimer Tools) -- H:\Instalki\OTL.exe PRC - [2009-10-30 17:29:56 \| 00,136,448 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2009-10-30 17:29:01 \| 00,361,728 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PRC - [2009-09-27 18:19:46 \| 00,172,100 \| ---- \| M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-09-25 15:28:47 \| 00,133,104 \| ---- \| M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2009-08-25 07:51:48 \| 03,548,560 \| ---- \| M] (Maxthon International ltd.) -- C:\Program Files\Maxthon2\Maxthon.exe PRC - [2009-05-20 11:45:10 \| 00,103,912 \| ---- \| M] () -- C:\Program Files\Spik\Spik.exe PRC - [2009-02-25 15:47:50 \| 00,152,984 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-03-20 11:04:46 \| 02,127,296 \| ---- \| M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-07-13 23:42:04 \| 00,974,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-28 17:57:54 \| 00,275,968 \| ---- \| M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2005-04-23 18:12:00 \| 00,802,816 \| ---- \| M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2005-03-17 13:25:54 \| 00,057,393 \| ---- \| M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe PRC - [2004-08-04 01:44:30 \| 00,013,824 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2002-04-11 23:00:00 \| 00,057,344 \| ---- \| M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe PRC - [2001-12-12 23:01:00 \| 00,045,056 \| ---- \| M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe ========== Modules (SafeList) ========== MOD - [2009-11-28 13:50:37 \| 00,535,040 \| ---- \| M] (OldTimer Tools) -- H:\Instalki\OTL.exe MOD - [2009-05-20 10:43:14 \| 00,008,192 \| ---- \| M] () -- C:\Program Files\Spik\idlehk.dll MOD - [2008-07-25 11:17:20 \| 00,635,904 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll MOD - [2006-08-25 09:51:14 \| 01,054,208 \| R--- \| M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found -- -- (CiSvc) SRV - [2009-10-30 17:29:56 \| 00,136,448 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2009-09-27 18:19:46 \| 00,172,100 \| ---- \| M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc) SRV - [2009-09-25 15:28:47 \| 00,133,104 \| ---- \| M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate) SRV - [2009-02-25 15:47:50 \| 00,152,984 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2008-12-12 20:10:51 \| 00,072,704 \| ---- \| M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2007-05-28 17:57:54 \| 00,275,968 \| ---- \| M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2005-04-03 23:41:10 \| 00,069,632 \| ---- \| M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003-09-14 21:08:14 \| 02,928,700 \| ---- \| M] () -- c:\krasnal/MYSQL/bin/mysqld.exe -- (MySql) SRV - [2003-07-28 19:28:22 \| 00,089,136 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2002-04-11 23:00:00 \| 00,057,344 \| ---- \| M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service) ========== Driver Services (SafeList) ========== DRV - [2009-10-30 16:18:01 \| 00,146,952 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt) DRV - [2009-10-13 15:50:55 \| 00,101,512 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc) DRV - [2009-10-13 15:50:54 \| 00,114,312 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC) DRV - [2009-10-13 15:50:54 \| 00,095,880 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile) DRV - [2009-09-27 16:12:22 \| 07,655,872 \| ---- \| M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-02-17 18:11:30 \| 00,024,232 \| ---- \| M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2008-07-08 18:19:05 \| 00,717,296 \| ---- \| M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-07-28 02:15:52 \| 00,062,208 \| ---- \| M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112) DRV - [2007-06-19 08:51:20 \| 00,107,304 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm) DRV - [2007-06-19 08:51:18 \| 00,099,112 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) DRV - [2007-06-19 08:51:18 \| 00,097,704 \| R--- \| M] (MCCI) -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) DRV - [2007-06-19 08:51:18 \| 00,097,320 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex) DRV - [2007-06-19 08:51:18 \| 00,021,928 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) DRV - [2007-06-19 08:51:18 \| 00,013,864 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl) DRV - [2007-06-19 08:51:16 \| 00,081,832 \| R--- \| M] (MCCI Corporation) -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM) DRV - [2007-03-08 00:51:00 \| 00,043,528 \| ---- \| M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2006-04-06 06:23:52 \| 00,081,664 \| R--- \| M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-03-29 07:49:26 \| 00,009,856 \| ---- \| M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2005-07-07 09:14:30 \| 01,389,056 \| R--- \| M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-01-10 11:15:30 \| 00,106,496 \| R--- \| M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 \| 00,138,752 \| R--- \| M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2004-10-15 11:50:20 \| 00,015,295 \| ---- \| M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2004-08-13 03:56:20 \| 00,005,810 \| R--- \| M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-17 12:36:38 \| 00,027,440 \| ---- \| M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2002-09-16 16:14:32 \| 00,004,228 \| ---- \| M] (PowerQuest Corporation) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2001-08-18 00:49:56 \| 00,017,792 \| ---- \| M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Disable Script Debugger Default = yes IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DisableScriptDebuggerIE Default = yes IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-30 10:50:02 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-29 10:47:05 \| 00,000,000 \| ---D \| M] [2008-07-07 12:37:18 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2009-11-25 18:08:49 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nwv0s9hk.default\extensions [2009-04-16 11:21:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nwv0s9hk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-11-25 18:08:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009-02-25 15:48:00 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009-05-20 11:26:29 \| 00,077,824 \| ---- \| M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npwpk.dll [2009-07-22 22:16:44 \| 00,002,767 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2008-04-03 18:19:08 \| 00,001,406 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2007-03-31 18:11:54 \| 00,000,917 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2006-06-03 17:43:22 \| 00,000,858 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2008-03-28 22:36:04 \| 00,001,183 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2007-01-05 12:40:56 \| 00,001,683 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\4.0.255.0\npchrome_tab.dll (@COMPANY_FULLNAME@) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe (Brother Industories, Ltd.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft...922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.co...oUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com...ows-i586-jc.cab (Java Plug-in 1.6.0_12) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macrome...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.c...Plus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\cf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\4.0.255.0\npchrome_tab.dll (@COMPANY_FULLNAME@) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wpmsg {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-07-07 12:10:52 \| 00,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-07-30 15:43:17 \| 00,000,000 \| ---D \| M] - H:\Auto -- [ NTFS ] O33 - MountPoints2\{d0bccec0-7aca-11dd-b46b-0017318c1228}\Shell\AutoRun\command - "" = K:\hx.exe -- File not found O33 - MountPoints2\{d0bccec0-7aca-11dd-b46b-0017318c1228}\Shell\open\Command - "" = K:\hx.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: () - File not found O35 - comfile [open] -- "%1" % File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009-11-28 12:49:02 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\gombrowicz_witold_–_ferdydurke.rtf [2009-11-28 02:33:02 \| 00,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Recent [2009-11-25 21:02:12 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Zagadnienia [2009-11-25 17:16:40 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\angielski [2009-11-24 17:26:21 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Updater [2009-11-24 17:19:21 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Nowy folder (3) [2009-11-23 01:51:55 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Nowy folder (2) [2009-11-19 17:39:19 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Testy makro [2009-11-16 21:04:06 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Zeszyt od historii technikum [2009-11-16 00:25:03 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SQL Server [2009-11-16 00:24:14 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Visual Studio 2008 [2009-11-16 00:24:04 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2009-11-16 00:20:20 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2009-11-16 00:20:20 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Merge Modules [2009-11-16 00:20:19 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-11-16 00:19:11 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SDKs [2009-11-16 00:16:26 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\SxsCaPendDel [2009-11-16 00:05:56 \| 00,000,000 \| -HSD \| C] -- C:\Config.Msi [2009-11-14 16:58:46 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Silverlight [2009-11-11 14:24:23 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Panda Security [2009-11-11 14:20:51 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2009-11-08 20:38:07 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Wojna [2009-11-07 18:21:15 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Blue-Guilty-2003-ApoLLo_INT [2009-11-07 12:35:11 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\prezentacja [2009-11-05 23:24:13 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Jason Walker [2009-11-05 19:16:37 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\codeblocks [2009-11-05 18:00:41 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Tracing [2009-11-03 20:38:41 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\.designer [2009-11-03 16:39:15 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia [2009-11-03 16:38:46 \| 00,000,000 \| ---D \| C] -- C:\Qt [2009-11-01 13:04:59 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\My Virtual Machines [2009-10-30 16:18:03 \| 00,365,824 \| ---- \| C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PSUNCpl.cpl [2009-10-30 16:18:01 \| 00,146,952 \| ---- \| C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PSINAflt.sys [2002-04-11 02:41:06 \| 00,065,536 \| R--- \| C] ( ) -- C:\WINDOWS\System32\A3d.dll [4 C:\WINDOWS\System32\.tmp files C:\WINDOWS\System32\.tmp ] [3 C:\WINDOWS\.tmp files C:\WINDOWS\.tmp ] [3 C:\Documents and Settings\Administrator\Pulpit\.tmp files C:\Documents and Settings\Administrator\Pulpit\.tmp ] [1 C:\Documents and Settings\Administrator\.tmp files C:\Documents and Settings\Administrator\.tmp ] ========== Files - Modified Within 30 Days ========== [2009-11-28 12:20:19 \| 00,253,748 \| ---- \| M] () -- C:\WINDOWS\System32\NvApps.xml [2009-11-28 12:20:07 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009-11-28 02:33:11 \| 05,242,880 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2009-11-28 01:39:13 \| 00,021,504 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-26 18:06:17 \| 04,988,096 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Chrola & Szurpik-Bielyje rozy.mp3 [2009-11-25 14:46:30 \| 00,002,184 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-23 18:56:41 \| 00,091,545 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\konsultacje.pdf [2009-11-21 17:12:18 \| 03,540,563 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\sandra%20-%20everlasting%20love[1].mp3 [2009-11-19 18:54:45 \| 00,015,838 \| ---- \| M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2009-11-19 09:53:39 \| 00,443,793 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\regulamin.pdf [2009-11-18 18:02:44 \| 00,340,539 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\regulamin_rekrutacji_pokl.pdf [2009-11-18 01:29:44 \| 00,000,624 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Spis filmów.lnk [2009-11-16 22:26:00 \| 00,029,696 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Hista Matii.doc [2009-11-16 12:27:11 \| 00,195,368 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-11-16 02:16:42 \| 00,050,288 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-11-16 00:15:37 \| 01,065,376 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-11-16 00:15:37 \| 00,498,918 \| ---- \| M] () -- C:\WINDOWS\System32\perfh015.dat [2009-11-16 00:15:37 \| 00,439,288 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2009-11-16 00:15:37 \| 00,087,740 \| ---- \| M] () -- C:\WINDOWS\System32\perfc015.dat [2009-11-16 00:15:37 \| 00,070,464 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2009-11-13 20:06:19 \| 00,000,049 \| ---- \| M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-11 14:21:02 \| 00,000,264 \| ---- \| M] () -- C:\WINDOWS\System32\PSUNCpl.dat [2009-11-08 19:57:50 \| 03,550,938 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Neat_Image_Pro__v5.8_crack.rar [2009-11-03 20:38:24 \| 00,000,144 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\test.cpp [2009-11-03 12:29:56 \| 00,064,337 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Harmonogram_ZSE_Kielce_dla_Grupy_2.pdf [2009-11-02 08:22:24 \| 00,001,032 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b8d3974915c.job [2009-10-30 16:18:03 \| 00,365,824 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\System32\PSUNCpl.cpl [2009-10-30 16:18:01 \| 00,146,952 \| ---- \| M] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PSINAflt.sys [4 C:\WINDOWS\System32\.tmp files C:\WINDOWS\System32\.tmp ] [3 C:\WINDOWS\.tmp files C:\WINDOWS\.tmp ] [3 C:\Documents and Settings\Administrator\Pulpit\.tmp files C:\Documents and Settings\Administrator\Pulpit\.tmp ] [1 C:\Documents and Settings\Administrator\.tmp files C:\Documents and Settings\Administrator\.tmp ] ========== Files Created - No Company Name ========== [2009-11-26 18:05:45 \| 04,988,096 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Chrola & Szurpik-Bielyje rozy.mp3 [2009-11-23 18:56:38 \| 00,091,545 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\konsultacje.pdf [2009-11-21 17:13:01 \| 03,540,563 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\sandra%20-%20everlasting%20love[1].mp3 [2009-11-19 18:54:45 \| 00,015,838 \| ---- \| C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2009-11-18 18:02:36 \| 00,340,539 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\regulamin_rekrutacji_pokl.pdf [2009-11-18 18:00:20 \| 00,443,793 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\regulamin.pdf [2009-11-18 01:29:44 \| 00,000,624 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Spis filmów.lnk [2009-11-16 20:57:10 \| 00,029,696 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Hista Matii.doc [2009-11-11 14:21:02 \| 00,000,264 \| ---- \| C] () -- C:\WINDOWS\System32\PSUNCpl.dat [2009-11-08 19:56:04 \| 03,550,938 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Neat_Image_Pro__v5.8_crack.rar [2009-11-03 20:36:19 \| 00,000,144 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\test.cpp [2009-11-02 08:22:24 \| 00,001,032 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b8d3974915c.job [2009-09-19 16:08:03 \| 00,819,200 \| ---- \| C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-09-19 16:08:03 \| 00,180,224 \| ---- \| C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-13 16:04:28 \| 00,000,079 \| ---- \| C] () -- C:\WINDOWS\winDecrypt.INI [2009-06-13 15:54:54 \| 00,000,119 \| ---- \| C] () -- C:\WINDOWS\ConverterCore.INI [2009-06-13 15:51:49 \| 00,021,240 \| ---- \| C] () -- C:\WINDOWS\System32\solidlocalmon.dll [2009-06-13 15:51:49 \| 00,013,560 \| ---- \| C] () -- C:\WINDOWS\System32\solidlocalui.dll [2009-05-18 22:10:41 \| 00,000,000 \| ---- \| C] () -- C:\WINDOWS\Route.INI [2009-02-04 15:16:17 \| 00,085,504 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-02-04 15:16:17 \| 00,000,547 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-02-02 20:22:39 \| 00,000,067 \| ---- \| C] () -- C:\WINDOWS\DVDRegionFree.INI [2009-02-02 20:16:40 \| 00,000,085 \| -HS- \| C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2008-11-15 20:45:08 \| 00,000,771 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\coreavc.ini [2008-11-07 20:29:25 \| 00,000,023 \| ---- \| C] () -- C:\WINDOWS\BlendSettings.ini [2008-10-11 13:54:17 \| 00,000,279 \| ---- \| C] () -- C:\WINDOWS\game.ini [2008-09-27 10:50:09 \| 00,002,528 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc [2008-07-31 10:51:22 \| 00,000,138 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-07-26 12:27:36 \| 00,000,421 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2008-07-10 12:06:18 \| 00,000,462 \| ---- \| C] () -- C:\WINDOWS\BRWMARK.INI [2008-07-10 12:06:18 \| 00,000,027 \| ---- \| C] () -- C:\WINDOWS\BRPP2KA.INI [2008-07-10 12:06:17 \| 00,000,030 \| ---- \| C] () -- C:\WINDOWS\System32\brss01a.ini [2008-07-10 12:03:24 \| 00,106,496 \| ---- \| C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2008-07-10 12:00:20 \| 00,027,019 \| ---- \| C] () -- C:\WINDOWS\maxlink.ini [2008-07-08 18:16:30 \| 00,009,728 \| ---- \| C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008-07-08 18:14:15 \| 00,717,296 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-07-07 16:21:39 \| 00,000,049 \| ---- \| C] () -- C:\WINDOWS\NeroDigital.ini [2008-07-07 16:21:38 \| 00,021,504 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-07-07 12:41:25 \| 00,005,627 \| R--- \| C] () -- C:\WINDOWS\System32\Ludap17.ini [2008-07-07 12:41:25 \| 00,000,039 \| R--- \| C] () -- C:\WINDOWS\System32\ctzapxx.ini [2008-07-07 12:17:15 \| 00,018,239 \| ---- \| C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-07-07 12:17:14 \| 00,005,810 \| R--- \| C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-07-07 12:17:11 \| 00,005,824 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-05-03 12:38:42 \| 00,064,512 \| R--- \| C] () -- C:\WINDOWS\System32\P17.dll [2004-07-17 12:36:38 \| 00,027,440 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-10-02 11:48:18 \| 00,053,248 \| R--- \| C] () -- C:\WINDOWS\System32\P17CPI.dll [2002-03-04 09:16:34 \| 00,110,592 \| R--- \| C] () -- C:\WINDOWS\System32\Jpeg32.dll < End of report > ========================================================== ========================================================== OTL zrobił jeszcze Extras.Txt: OTL Extras logfile created on: 2009-11-28 13:51:41 - Run 1 OTL by OldTimer - Version 3.1.11.1 Folder = H:\Instalki Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000415 \| Country: Polska \| Language: PLK \| Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory \| 1,01 Gb Available Physical Memory \| 67,64% Memory free 3,35 Gb Paging File \| 2,99 Gb Available in Paging File \| 89,22% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 20,00 Gb Total Space \| 5,30 Gb Free Space \| 26,52% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: \| 120,00 Gb Total Space \| 29,85 Gb Free Space \| 24,88% Space Free \| Partition Type: NTFS Drive G: \| 30,01 Gb Total Space \| 2,72 Gb Free Space \| 9,07% Space Free \| Partition Type: NTFS Drive H: \| 62,88 Gb Total Space \| 0,72 Gb Free Space \| 1,14% Space Free \| Partition Type: NTFS I: Drive not present or media not loaded Computer Name: TOMEK Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1 .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP::Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP::Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP::Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP::Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{0D0DF551-7546-4682-A18E-B5716C211209}" = PowerArchiver 2007 Polish "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1F126EDC-DA29-4D5B-80DF-735252475FEE}" = Pro Evolution Soccer 2010 DEMO "{236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0 "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C98BBC25-490C-4F3F-81D8-5D12C11732DF}" = Panda Cloud Antivirus "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0 "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "AC3Filter_is1" = AC3Filter 1.62b "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Applian FLV Player2.0.24" = Applian FLV Player "CDex" = CDex extraction audio "CloneDVD2" = CloneDVD2 "dBpoweramp Music Converter" = dBpoweramp Music Converter "dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec "DVD Shrink_is1" = DVD Shrink 3.2 "ffdshow_is1" = ffdshow [rev 3029] [2009-07-10] "Foxit Reader" = Foxit Reader "Gadu-Gadu" = Gadu-Gadu 7.7 "Google Chrome Frame" = Google Chrome Frame "HaaliMkx" = Haali Media Splitter "HijackThis" = HijackThis 2.0.2 "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 "Mapa Polski 2001" = Mapa Polski 2001 "Maxthon2" = Maxthon2 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU "MoorHunt_is1" = MoorHunt 0.6.1.0 "Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "Nero - Burning Rom!UninstallKey" = Nero 6 "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Panda Cloud Antivirus" = Panda Cloud Antivirus "Peer2Mail" = Peer2Mail (remove only) "PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2 "RealAlt_is1" = Real Alternative 1.51 Lite "Spik" = Spik "The KMPlayer" = The KMPlayer (remove only) "WIC" = Windows Imaging Component "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.7 "WinRAR archiver" = Archiwizator WinRAR "x2VCD" = Super DVD Ripper (remove only) "xp-AntiSpy" = xp-AntiSpy 3.96-8 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OpenP2M for Java 1.6" = OpenP2M for Java 1.6 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2008-10-16 09:51:58 \| Computer Name = KOMPUTER \| Source = MsiInstaller \| ID = 11606 Description = Product: Java(TM) 6 Update 7 -- Error 1606.Could not access network location http://javadl.sun.com/web...6/ja160000.cab. Error - 2009-09-25 17:21:49 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-09-25 17:34:48 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-10-14 14:21:55 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-10-29 10:47:09 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-10-29 16:47:08 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-10-31 10:46:28 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-11-13 11:18:32 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = Error - 2009-11-15 19:06:39 \| Computer Name = TOMEK \| Source = MsiInstaller \| ID = 10005 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Wystąpił problem z tym pakietem Instalatora Windows. Więcej informacji można znaleźć w dzienniku instalacji. Error - 2009-11-25 14:54:37 \| Computer Name = TOMEK \| Source = Google Update \| ID = 20 Description = [ System Events ] Error - 2009-11-27 13:35:39 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842784 Description = Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT; ostatni błąd: Odnośny zestaw nie jest zainstalowany w tym systemie. Error - 2009-11-27 13:35:39 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842811 Description = Resolve Partial Assembly nie powiodło się dla Microsoft.VC80.CRT. Odpowiedni komunikat o błędzie: Odnośny zestaw nie jest zainstalowany w tym systemie. . Error - 2009-11-27 13:35:39 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context nie powiodło się dla C:\Program Files\Spik\sms\sms_plus.dll. Odpowiedni komunikat o błędzie: Operacja ukończona pomyślnie. . Error - 2009-11-27 15:24:44 \| Computer Name = TOMEK \| Source = Service Control Manager \| ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: nvport Error - 2009-11-27 15:24:45 \| Computer Name = TOMEK \| Source = Service Control Manager \| ID = 7034 Description = Usługa MySql niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2009-11-28 07:20:46 \| Computer Name = TOMEK \| Source = Service Control Manager \| ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: nvport Error - 2009-11-28 07:20:46 \| Computer Name = TOMEK \| Source = Service Control Manager \| ID = 7034 Description = Usługa MySql niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2009-11-28 08:04:01 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842784 Description = Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT; ostatni błąd: Odnośny zestaw nie jest zainstalowany w tym systemie. Error - 2009-11-28 08:04:01 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842811 Description = Resolve Partial Assembly nie powiodło się dla Microsoft.VC80.CRT. Odpowiedni komunikat o błędzie: Odnośny zestaw nie jest zainstalowany w tym systemie. . Error - 2009-11-28 08:04:01 \| Computer Name = TOMEK \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context nie powiodło się dla C:\Program Files\Spik\sms\sms_plus.dll. Odpowiedni komunikat o błędzie: Operacja ukończona pomyślnie. . < End of report > ========================================================== ========================================================== Z tej stronki: Nazwa pliku: sfc_os.dll Stan: Skanowanie zakończone. 10 z 21 skanerów zgłaszają wirusy. ========================================================== ========================================================== W GMER'ze zaznaczyłem wszystkie partycje i kliknąłem Start, nie wiem ile proces trwał, bo odszedłem od kompa po pięciu minutach, w każdym razie po godzinie zastałem system całkiem zawieszony, nawet na CTRL+ALT+DEL nie było reakcji. Po za GMER'em w tym czasie była otwarta tylko przeglądarka w tle z zaufanymi stronami, więc to jego uznaję za winowajcę. W logach praktycznie nic nie ma. Uruchom OTL w oknie Custom Scans/Fixes wklej: :OTL PRC - [2007-07-13 23:42:04 \| 00,974,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O33 - MountPoints2\{d0bccec0-7aca-11dd-b46b-0017318c1228}\Shell\AutoRun\command - "" = K:\hx.exe -- File not found O33 - MountPoints2\{d0bccec0-7aca-11dd-b46b-0017318c1228}\Shell\open\Command - "" = K:\hx.exe -- File not found :Commands [emptytemp] [start explorer] Klikasz Run Fix. Po wykonaniu w OTL kliknij CleanUp. A plik do podmiany (jest to plik systemowy, więc nie można go usunąć). Pobierz czystą kopię stąd http://hotfile.com/dl/189...sfc_os.dll.html i umieść bezpośrednio na dysku C. Następnie podmień go za pomocą Replacera http://www.searchengines.pl/Replacer-t89288.html do lokalizacji C:\Windows\system32\sfc_os.dll Nazwa pliku: sfc_os.dll Stan: Skanowanie zakończone. 0 z 21 skanerów zgłaszają wirusy. Coś dziwnego się stało. Miałem GMER'a i OTL na dysku i wcięło je Skoro plik podmieniony to powinno być ok. Coś dziwnego się stało. Miałem GMER'a i OTL na dysku i wcięło je Nic się dziwnego nie stało, po kliknięciu CleanUp zostają usunięte wszelkie narzędzia typu OTL, GMER, Combofix, Avenger itp. Nic się dziwnego nie stało, po kliknięciu CleanUp zostają usunięte wszelkie narzędzia typu OTL, GMER, Combofix, Avenger itp. A to spoko Nie wiedziałem że tak to działa... A właśnie skoro problem już rozwiązany to pozwole sobie na offtopic edukacyjny. @Blade@ zauważyłem że często radzisz wyłączyć i włączyć przywracanie systemu. Dlaczego? Czemu to ma służyć? Pytam z ciekawości. Dlatego, że często w folderach przywracania znajdują się kopie szkodników. Wyłączenie przywracania systemu opróżnia te foldery. I to cała filozofia zanotowane.pl doc.pisz.pl pdf.pisz.pl mandragora32.opx.pl ďťż

Wszelkie Prawa ZastrzeĹźone! chomiki Design by SZABLONY.maniak.pl.

Darmowy hosting zapewnia PRV.PL

chomiki