Pop-up pornographic pages, unwanted advertisements.

Everything related to security in the broad sense, in particular the fight against viruses, spyware and adware.

Post by daniel1992 » 12.12.2009 (Sat) 17:25

I have had a problem for some time now: unwanted web pages pop up when I start Mozilla, the page www.byteseeker.com loads next to my start page, and while I browse, various advertisements and pornographic pages pop up. AVG Anti Virus and NOD32 detect nothing; I need help.

I am pasting the log from HijackThis:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:41, on 2009-12-12
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe
E:\Program Files\VDOTool\TBPanel.exe
D:\steam\steam.exe
E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
E:\Program Files\EslWire\wire.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\QuestService\questservice.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Nowe Gadu-Gadu\gg.exe
C:\Nowe Gadu-Gadu\spellchecker_gg.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WindowZ IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: CommandBar.CtrlMHook - {3f1ab67e-12aa-352e-b4e0-a5f1810b60dd} - mscoree.dll (file missing)
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPAIEAddOn.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - E:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - E:\Program Files\Content Management Wizard\1.1.0.1820\CMWIE.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - E:\Program Files\Textual Content Provider\1.1.0.1380\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - E:\Program Files\Web Search Operator\3.1.0.1800\wso.dll
O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - E:\WINDOWS\system32\FindeXer.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll
O3 - Toolbar: Gameztar Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - E:\Program Files\Gameztar Toolbar\2.1.1.5200\mvb0.dll (file missing)
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Internet Today Task] "E:\Program Files\Internet Today\1.1.0.1090\InternetToday.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GammaAdjuster] E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe
O4 - HKCU\..\Run: [TBPanel] E:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "E:\Documents and Settings\Daniel\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [ESL Wire] "E:\Program Files\EslWire\wire.exe" --tray
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: z.cmd (User 'SYSTEM')
O4 - .DEFAULT Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (User 'Default user')
O4 - .DEFAULT Startup: z.cmd (User 'Default user')
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - AppInit_DLLs: prio.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - E:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: QuestService Service - Unknown owner - E:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe

--
End of file - 9788 bytes
daniel1992
 
Posts: 6
Joined: 12.12.2009 (Sat) 17:21

Re: Pop-up pornographic pages, unwanted advertisements.

Post by Leon$ » 12.12.2009 (Sat) 17:37

Use Malwarebytes' Anti-Malware http://cybertrash.pl/Tata/MBAM/Malwarebytes_%20Anti-Malware.html and run a full scan - if it finds anything, remove the selected items - then show the log.

Download OTListIt2: http://www.searchengines.pl/index.php?s ... =392369&#2, run a scan and post the logs OTListIT.txt and Extras.txt.

:)
Leon$
 
Posts: 13538
Joined: 28.03.2006 (Tue) 20:04

Re: Pop-up pornographic pages, unwanted advertisements.

Post by daniel1992 » 12.12.2009 (Sat) 18:22

MALWAREBYTES SCAN:

Code:
Malwarebytes' Anti-Malware 1.42
Wersja bazy definicji: 3349
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2009-12-12 17:21:38
mbam-log-2009-12-12 (17-21-37).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowane obiekty: 141814
Upłynęło: 8 minute(s), 59 second(s)

Zainfekowane procesy w pamięci: 2
Zainfekowane moduły pamięci: 7
Zainfekowane klucze rejestru: 69
Zainfekowane wartości rejestru: 6
Zainfekowane pliki rejestru: 3
Zainfekowane foldery: 35
Zainfekowane pliki: 82

Zainfekowane procesy w pamięci:
E:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe (Adware.DoubleD) -> Unloaded process successfully.
E:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Unloaded process successfully.

Zainfekowane moduły pamięci:
E:\Program Files\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPACommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\QuestService\questservice.dll (Adware.DoubleD) -> Delete on reboot.

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questservice (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully.

Zainfekowane pliki rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Zainfekowane foldery:
E:\Program Files\MyGlobalSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\MyGlobalSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\MyGlobalSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\MyGlobalSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090 (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Temp\cmw\newSetup (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800 (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\Data (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\components (Adware.Agent) -> Delete on reboot.
E:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380 (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\data (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050 (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\Data (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components (Adware.Agent) -> Delete on reboot.
E:\Program Files\Content Management Wizard\1.1.0.1820 (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540 (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\Data (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\components (Adware.Agent) -> Delete on reboot.
E:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\All Users\Dane aplikacji\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\QuestService (Adware.DoubleD) -> Delete on reboot.

Zainfekowane pliki:
E:\Program Files\Content Management Wizard\1.1.0.1820\CMWIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\QuestService\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\RECYCLER\S-1-5-21-2000478354-484061587-1801674531-1002\De6\2.1.1.5200\ProductInfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\QUE1B.tmp\upgrade.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\MyGlobalSearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Internet Today\1.1.0.1090\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\wsopx.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\tcppx.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Textual Content Provider\1.1.0.1380\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\acepx.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\cmwpx.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Content Management Wizard\1.1.0.1820\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPACommon.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPAHelper.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPAIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\CPAIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
E:\Program Files\Customized Platform Advancer\3.1.0.1540\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\QuestService\questservice.dll (Adware.DoubleD) -> Delete on reboot.
E:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\Mozilla Firefox\searchPlugins\questservice125.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\Mozilla Firefox\searchPlugins\questservice127.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
E:\Program Files\Mozilla Firefox\searchPlugins\questservice129.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
Last edited 12.12.2009 (Sat) 18:29 by daniel1992, edited 1 time in total
daniel1992

Posts: 6
Joined: 12.12.2009 (Sat) 17:21

Re: Pop-up pornographic pages, unwanted ads.

Post by Leon$ » 12.12.2009 (Sat) 18:28

And this:
Download OTListIt2: http://www.searchengines.pl/index.php?s ... =392369&#2, run a scan, and post the OTListIT.txt and Extras.txt logs.


:)
Leon$
 
Posts: 13538
Joined: 28.03.2006 (Tue) 20:04

Re: Pop-up pornographic pages, unwanted ads.

Post by daniel1992 » 12.12.2009 (Sat) 18:30

OTL.txt

Code:
OTL logfile created on: 2009-12-12 17:25:53 - Run 1
OTL by OldTimer - Version 3.1.16.0     Folder = E:\Documents and Settings\Daniel\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,51% Memory free
3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,81% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 6,82 Gb Total Space | 6,27 Gb Free Space | 91,94% Space Free | Partition Type: FAT32
Drive D: | 97,65 Gb Total Space | 89,48 Gb Free Space | 91,63% Space Free | Partition Type: NTFS
Drive E: | 128,39 Gb Total Space | 119,45 Gb Free Space | 93,04% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: WINDOWZ
Current User Name: Daniel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2009-12-12 17:12:49 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
PRC - [2009-12-06 00:14:16 | 00,908,248 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-03 16:14:00 | 01,394,000 | ---- | M] (Malwarebytes Corporation) -- E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009-12-03 12:37:28 | 07,148,032 | ---- | M] (Turtle Entertainment GmbH) -- E:\Program Files\EslWire\wire.exe
PRC - [2009-11-27 17:04:40 | 01,217,808 | ---- | M] (Valve Corporation) -- D:\steam\steam.exe
PRC - [2009-09-29 13:03:46 | 00,735,960 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-09-29 13:02:52 | 02,054,360 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-08-30 14:25:37 | 00,191,488 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe
PRC - [2009-07-25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-06-14 14:36:55 | 01,591,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
PRC - [2008-06-04 11:37:52 | 02,157,096 | ---- | M] (Palit Microsystems, Inc.) -- E:\Program Files\VDOTool\TBPANEL.exe
PRC - [2008-05-03 04:16:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-08-20 08:38:02 | 16,384,512 | R--- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\RTHDCPL.exe
PRC - [2005-10-28 16:25:44 | 00,094,208 | ---- | M] (Nero AG) -- E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2009-12-12 17:12:49 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
MOD - [2009-09-29 13:14:42 | 00,011,952 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll
MOD - [2009-01-12 16:19:02 | 00,011,000 | ---- | M] (O&K Software) -- E:\Program Files\Prio\prio.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] --  -- (avg8wd)
SRV - File not found [Auto | Stopped] --  -- (avg8emc)
SRV - [2009-09-29 13:11:10 | 00,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-09-29 13:03:46 | 00,735,960 | ---- | M] (ESET) [Auto | Running] -- E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-07-25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- E:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-01-12 16:18:54 | 00,005,120 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Prio\prio_svc.exe -- (prio_svc)
SRV - [2008-11-20 20:18:52 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () [On_Demand | Stopped] -- E:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008-05-03 04:16:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007-11-14 21:46:00 | 00,131,072 | ---- | M] (Brio) [Disabled | Stopped] -- E:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009-12-03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009-12-03 11:17:48 | 00,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009-09-29 13:05:54 | 00,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-09-29 13:02:58 | 00,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-09-29 12:56:32 | 00,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-06-25 14:02:54 | 00,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Stopped] -- E:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2008-08-20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-05-03 04:16:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-15 13:00:00 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2007-09-20 12:07:40 | 00,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007-09-20 12:07:38 | 00,053,632 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007-08-28 09:55:10 | 04,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-07 08:13:10 | 00,012,032 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-12-19 11:45:00 | 00,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- E:\Program Files\System\CPL Bonus\vcdrom.sys -- (vcdrom)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.bearshare.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Gameztar Toolbar"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.16.1
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: {F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0
FF - prefs.js..keyword.URL: "http://search.avg.com/dispatcher.aspx?i=40&tp=ab&q="
 
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: E:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2009-12-12 17:25:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2009-12-06 00:14:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: E:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-12-11 16:04:00 | 00,000,000 | ---D | M]
 
[2009-10-25 12:04:17 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Extensions
[2009-12-11 20:15:25 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions
[2009-10-25 13:20:00 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-12-09 14:28:16 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-10 09:59:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009-12-01 21:41:09 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\foxyproxy@eric.h.jung
[2009-11-25 15:27:12 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\illimitux@illimitux.net
[2009-10-25 13:20:04 | 00,000,681 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\ask.xml
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\BearShareWebSearch.xml
[2009-10-25 13:20:08 | 00,001,196 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\winamp-search.xml
[2009-12-11 20:15:25 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2009-12-05 14:31:46 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\{F2DDDB92-1605-4260-9B25-45A4DAE87B50}
[2009-10-14 23:51:28 | 00,120,296 | ---- | M] ( ) -- E:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-12-06 00:14:17 | 00,002,767 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009-12-06 00:14:17 | 00,001,406 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-06 00:14:17 | 00,000,917 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-06 00:14:17 | 00,000,858 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-06 00:14:17 | 00,001,183 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-06 00:14:17 | 00,001,683 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: (742 bytes) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - E:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Loader Class) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - E:\WINDOWS\system32\FindeXer.dll (A Part of the LessCliX Suite by Alianyn)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] E:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe File not found
O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GammaAdjuster] E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Resume copy] E:\WINDOWS\copyfstq.exe ()
O4 - HKLM..\Run: [RTHDCPL] E:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ESL Wire] E:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Octoshape Streaming Services] E:\Documents and Settings\Daniel\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Steam] d:\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TBPanel] E:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuEjectPC = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll File not found
O20 - AppInit_DLLs: (prio.dll) - E:\Program Files\Prio\prio.dll (O&K Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll -  File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-25 11:36:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{80cb06d0-cee7-11de-8c90-0021851970d8}\Shell - "" = AutoRun
O33 - MountPoints2\{f900eaf2-c78f-11de-8c7e-0021851970d8}\Shell - "" = AutoRun
O33 - MountPoints2\{f900eaf3-c78f-11de-8c7e-0021851970d8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2009-12-12 17:22:47 | 00,000,000 | -HSD | C] -- E:\Documents and Settings\Daniel\Recent
[2009-12-12 17:12:40 | 00,538,112 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
[2009-12-12 17:11:32 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Malwarebytes
[2009-12-12 17:11:28 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-12-12 17:11:27 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009-12-12 17:11:27 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-12-12 17:11:26 | 00,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware
[2009-12-12 17:11:06 | 04,844,296 | ---- | C] (Malwarebytes Corporation                                    ) -- E:\Documents and Settings\Daniel\Pulpit\mbam-setup.exe
[2009-12-12 16:17:18 | 00,000,000 | ---D | C] -- E:\Program Files\Trend Micro
[2009-12-12 14:05:47 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\AEQ
[2009-12-11 19:05:52 | 00,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-12-11 16:05:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2009-12-11 16:05:04 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\ESET
[2009-12-11 16:03:59 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\ESET
[2009-12-09 21:34:19 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\WinAVI
[2009-12-09 16:32:29 | 00,000,000 | --SD | M] -- E:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-09 16:32:29 | 00,000,000 | --SD | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-09 16:32:29 | 00,000,000 | ---D | M] -- E:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-12-09 15:50:09 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\blubVolley
[2009-12-09 14:11:48 | 00,000,000 | ---D | C] -- E:\Program Files\ESET
[2009-12-08 20:58:06 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Dev-Cpp
[2009-12-07 19:00:41 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\2-2
[2009-12-07 16:50:44 | 00,000,000 | ---D | C] -- E:\WINDOWS\System32\ReinstallBackups
[2009-12-07 11:01:01 | 00,000,000 | ---D | C] -- E:\Program Files\2+2 v.2.1a
[2009-12-07 10:44:20 | 00,000,000 | ---D | C] -- E:\WINDOWS\AM
[2009-12-06 15:56:46 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Moje dokumenty\Pobieranie
[2009-12-03 23:35:25 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\LOG
[2009-12-03 22:35:02 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Moje dokumenty\ESL Match Media
[2009-12-03 22:34:02 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\ESL Wire Game Client
[2009-12-03 22:33:37 | 00,024,504 | ---- | C] (Turtle Entertainment GmbH) -- E:\WINDOWS\System32\drivers\ESLvnic.sys
[2009-12-03 22:33:37 | 00,000,000 | ---D | C] -- E:\Program Files\EslWire
[2009-12-03 22:33:37 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\ESL Wire
[2009-11-30 16:28:53 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\.gstreamer-0.10
[2009-11-27 15:10:58 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider
[2009-11-27 15:09:44 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer
[2009-11-27 15:09:26 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer
[2009-11-27 15:09:13 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Web Search Operator
[2009-11-27 15:08:30 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar
[2009-11-21 22:09:53 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Ahead
[2009-11-21 22:08:20 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Ahead
[2009-11-21 22:07:33 | 00,000,000 | ---D | C] -- E:\Program Files\Nero
[2009-11-21 22:07:33 | 00,000,000 | ---D | C] -- E:\Program Files\Common Files\Ahead
[2009-11-17 17:57:36 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\kultura
[2009-11-15 22:03:45 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Tibia
[2009-11-15 22:00:54 | 00,000,000 | ---D | C] -- E:\Program Files\TibiaCam TV Lite
[2009-11-15 22:00:43 | 00,000,000 | ---D | C] -- E:\Program Files\Tibia
[2009-11-15 19:28:39 | 00,000,000 | -HSD | C] -- E:\Documents and Settings\Daniel\IECompatCache
[2 E:\Documents and Settings\Daniel\*.tmp files -> E:\Documents and Settings\Daniel\*.tmp -> ]
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2009-12-12 17:23:41 | 00,182,129 | ---- | M] () -- E:\WINDOWS\System32\nvapps.xml
[2009-12-12 17:23:39 | 00,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2009-12-12 17:23:38 | 00,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2009-12-12 17:22:53 | 04,456,448 | -H-- | M] () -- E:\Documents and Settings\Daniel\NTUSER.DAT
[2009-12-12 17:22:53 | 00,000,188 | -HS- | M] () -- E:\Documents and Settings\Daniel\ntuser.ini
[2009-12-12 17:12:49 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
[2009-12-12 17:11:31 | 00,000,714 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-12-12 17:11:17 | 04,844,296 | ---- | M] (Malwarebytes Corporation                                    ) -- E:\Documents and Settings\Daniel\Pulpit\mbam-setup.exe
[2009-12-12 16:38:29 | 00,003,186 | ---- | M] () -- E:\WINDOWS\System32\NOTEPAD.ini
[2009-12-12 16:17:18 | 00,001,740 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\HijackThis.lnk
[2009-12-11 13:50:02 | 00,002,184 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2009-12-10 15:46:43 | 00,212,300 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\wizulizacja.JPG
[2009-12-09 23:34:38 | 00,000,622 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\AFIRMACJA.rtf
[2009-12-07 20:01:13 | 00,003,251 | ---- | M] () -- E:\WINDOWS\System32\SpeedCrunch.ini
[2009-12-07 16:50:29 | 00,000,649 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\ESL Wire.lnk
[2009-12-07 13:15:48 | 01,578,952 | -H-- | M] () -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-04 14:15:10 | 00,000,989 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\tren
[2009-12-04 14:14:29 | 00,000,754 | ---- | M] () -- E:\WINDOWS\WORDPAD.INI
[2009-12-03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-12-03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009-12-03 11:17:48 | 00,024,504 | ---- | M] (Turtle Entertainment GmbH) -- E:\WINDOWS\System32\drivers\ESLvnic.sys
[2009-11-21 22:10:57 | 00,043,062 | ---- | M] () -- E:\Documents and Settings\Daniel\Moje dokumenty\UserImages.bmp
[2009-11-21 22:08:32 | 00,002,363 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-11-21 22:08:32 | 00,002,271 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2009-11-16 20:55:59 | 00,645,967 | ---- | M] () -- E:\Documents and Settings\Daniel\Moje dokumenty\img001.jpg
[2009-11-15 22:00:45 | 00,000,638 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-11-15 19:29:28 | 00,000,045 | ---- | M] () -- E:\Program Files\Settings.ini
[2 E:\Documents and Settings\Daniel\*.tmp files -> E:\Documents and Settings\Daniel\*.tmp -> ]
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2009-12-12 17:11:31 | 00,000,714 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-12-12 16:17:18 | 00,001,740 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\HijackThis.lnk
[2009-12-10 14:10:08 | 00,212,300 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\wizulizacja.JPG
[2009-12-09 23:34:38 | 00,000,622 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\AFIRMACJA.rtf
[2009-12-09 19:18:21 | 28,845,2884 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Ziemi Niczyja - Powrót Szaleńca.rmvb
[2009-12-09 19:10:51 | 32,111,2449 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Cube 3 - Zero.rmvb
[2009-12-09 19:10:39 | 38,593,4645 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\W Rytmie Hip-Hopu.rmvb
[2009-12-09 19:10:19 | 36,104,1515 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Cube 2 - Hipersześcian.rmvb
[2009-12-04 14:14:19 | 00,000,754 | ---- | C] () -- E:\WINDOWS\WORDPAD.INI
[2009-12-03 22:33:41 | 00,000,649 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\ESL Wire.lnk
[2009-11-21 22:10:57 | 00,043,062 | ---- | C] () -- E:\Documents and Settings\Daniel\Moje dokumenty\UserImages.bmp
[2009-11-21 22:08:32 | 00,002,363 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-11-21 22:08:32 | 00,002,271 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2009-11-16 20:55:53 | 00,645,967 | ---- | C] () -- E:\Documents and Settings\Daniel\Moje dokumenty\img001.jpg
[2009-11-15 22:00:45 | 00,000,638 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-11-15 19:29:28 | 00,000,045 | ---- | C] () -- E:\Program Files\Settings.ini
[2009-11-15 13:40:29 | 00,003,251 | ---- | C] () -- E:\WINDOWS\System32\SpeedCrunch.ini
[2009-11-10 01:36:56 | 00,076,407 | ---- | C] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Smiley.ico
[2009-10-27 16:06:39 | 00,000,097 | ---- | C] () -- E:\WINDOWS\System32\PICSDK.ini
[2009-10-27 16:04:22 | 00,000,026 | ---- | C] () -- E:\WINDOWS\CDE DX4400DEFGIPS.ini
[2009-10-25 12:44:21 | 00,003,186 | ---- | C] () -- E:\WINDOWS\System32\NOTEPAD.ini
[2009-10-25 11:48:35 | 01,703,936 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2009-10-25 11:48:35 | 01,486,848 | ---- | C] () -- E:\WINDOWS\System32\nview.dll
[2009-10-25 11:48:35 | 01,019,904 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2009-10-25 11:48:35 | 00,466,944 | ---- | C] () -- E:\WINDOWS\System32\nvshell.dll
[2009-10-25 11:48:35 | 00,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2009-10-25 11:43:38 | 00,000,026 | ---- | C] () -- E:\Documents and Settings\Daniel\Dane aplikacji\prio.ini
[2009-10-25 11:39:36 | 00,013,339 | ---- | C] () -- E:\WINDOWS\System32\shConvert.dll
[2009-10-25 11:39:36 | 00,013,312 | ---- | C] () -- E:\WINDOWS\System32\shpicgf.dll
[2009-10-25 11:39:35 | 00,211,968 | ---- | C] () -- E:\WINDOWS\System32\Formats.dll
[2009-10-25 11:39:34 | 00,040,448 | ---- | C] () -- E:\WINDOWS\System32\cdeject.dll
[2009-10-25 11:39:30 | 00,348,160 | ---- | C] () -- E:\WINDOWS\labels.dll
[2009-10-25 11:39:30 | 00,000,026 | ---- | C] () -- E:\WINDOWS\prio.ini
[2009-10-25 11:38:57 | 00,001,958 | ---- | C] () -- E:\WINDOWS\uninstall.ini
[2009-10-25 11:38:38 | 00,168,448 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2009-10-25 11:38:35 | 00,795,648 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2009-10-25 11:38:35 | 00,130,048 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2009-10-25 11:38:34 | 03,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2009-10-25 11:38:33 | 00,067,584 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2009-10-25 11:38:33 | 00,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2003-06-09 14:05:18 | 00,094,636 | ---- | C] () -- E:\WINDOWS\dropcpyr.dll
< End of report >



Code:
OTL Extras logfile created on: 2009-12-12 17:25:53 - Run 1
OTL by OldTimer - Version 3.1.16.0     Folder = E:\Documents and Settings\Daniel\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,51% Memory free
3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,81% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 6,82 Gb Total Space | 6,27 Gb Free Space | 91,94% Space Free | Partition Type: FAT32
Drive D: | 97,65 Gb Total Space | 89,48 Gb Free Space | 91,63% Space Free | Partition Type: NTFS
Drive E: | 128,39 Gb Total Space | 119,45 Gb Free Space | 93,04% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: WINDOWZ
Current User Name: Daniel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- E:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- E:\WINDOWS\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- E:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- E:\WINDOWS\System32\NOTEPAD.EXE ()
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- Reg Error: Key error.
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- Reg Error: Key error.
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inifile [print] -- Reg Error: Key error.
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [StyleFolder] -- "E:\Program Files\StyleFolder\StyleFolder.exe" %1 (Xaviorsoft Studios)
Directory [Winamp.Bookmark] -- "C:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "E:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216011F0}" = Java(TM) 6 Update 11
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85C70286-A56F-4834-BD24-B34EB76A93A2}" = ESET NOD32 Antivirus
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DC696F3-BEDF-4069-A18D-89B41BF89769}" = Command Prompt Explorer Bar
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{BC85DD5F-1E88-4E38-B77F-0371DFD41045}" = Nero 7 Demo
"{C93C7A4B-7DD9-4725-9993-4F032063926B}_is1" = VPX.PL Uploader 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
"2+2 v.2.1a" = 2+2 v.2.1a
"AbiWord2" = AbiWord 2.6.8
"AbiwordToolsPlugins" = AbiWord Tools Plugins
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"Ask Toolbar_is1" = Ask Toolbar
"AVG8Uninstall" = AVG Free 8.5
"BearShare" = BearShare
"bearsharetb" = MediaBar
"BiL_j._angielski_DEMO_Polish" = Bolek i Lolek j. angielski
"CCleaner" = CCleaner (remove only)
"CPLBonus" = Kels' CPL Bonus Pack!
"CX4300_5500_DX4400 Podręcznik" = CX4300_5500_DX4400 Podręcznik
"Deep Space 3D Screensaver" = Deep Space 3D Screensaver
"Defraggler" = Defraggler (remove only)
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Magician_is1" = Driver Magician 3.42
"DriveSpace" = Drive Space Indicator
"EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON
"EPSON Scanner" = EPSON Scan
"ESET Online Scanner" = ESET Online Scanner v3
"ESL Wire_is1" = ESL Wire 1.2
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"HFSLIPTotalSlipstream" = HFSLIP Total Slipstream (v1.7.8, build 80614)
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.5
"Koi Fish 3D Screensaver" = Koi Fish 3D Screensaver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mechanical Clock 3D Screensaver" = Mechanical Clock 3D Screensaver
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"mIRC" = mIRC
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Prio" = Prio v1.9.9.1732
"QuicktimeAlt_is1" = QuickTime Alternative 2.8.0
"RegCompact.NET" = RegCompact.NET 2.0
"StyleFolder_is1" = StyleFolder 1.0.3
"SwitchOff" = Switch Off
"Tibia_is1" = Tibia
"TibiaCam TV Lite_is1" = TibiaCam TV Lite 3.0
"Total Copy 1.1 NetHorror Edition" = Total Copy 1.1 NetHorror Edition
"VDOTool_is1" = VDOTool 6.4
"VentriloMIX" = VentriloMIX
"Visual Task Tips" = Visual Task Tips 3.4
"vjpeg" = VJPEG Image Viewer (remove)
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinAVI Video Converter_is1" = WinAVI Video Converter
"WinRAR archiver" = Archiwizator WinRAR
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Uslugi streamingowe Octoshape
"uTorrent" = µTorrent
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2009-10-25 06:37:35 | Computer Name = WINDOWZ | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Service reached limit of transient errors. Will shut down. Last error returned
 from Service Manager: 0x800736b1.
 
Error - 2009-10-25 06:38:25 | Computer Name = WINDOWZ | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
 zostaną  zwrócone. Zwrócony kod stanu to dane DWORD 0.
 
Error - 2009-12-03 17:33:51 | Computer Name = WINDOWZ | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
 aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
 wystąpił błąd: Wystąpił wewnętrzny błąd obsługi łańcucha certyfikatów. 
 
[ System Events ]
Error - 2009-12-12 11:07:34 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu:   %%183
 
Error - 2009-12-12 12:08:39 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AVG Free8 WatchDog z powodu następującego
 błędu:   %%3
 
Error - 2009-12-12 12:08:39 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7001
Description = Usługa AVG Free8 E-mail Scanner zależy od usługi AVG Free8 WatchDog,
 której nie można uruchomić z powodu następującego błędu:   %%3
 
Error - 2009-12-12 12:08:39 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   AvgLdx86  AvgMfx86  AvgTdiX
 
Error - 2009-12-12 12:08:39 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu:   %%183
 
Error - 2009-12-12 12:21:37 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7034
Description = Usługa QuestService Service niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1.
 
Error - 2009-12-12 12:25:16 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AVG Free8 WatchDog z powodu następującego
 błędu:   %%3
 
Error - 2009-12-12 12:25:16 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7001
Description = Usługa AVG Free8 E-mail Scanner zależy od usługi AVG Free8 WatchDog,
 której nie można uruchomić z powodu następującego błędu:   %%3
 
Error - 2009-12-12 12:25:16 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   AvgLdx86  AvgMfx86  AvgTdiX  Si3112
 
Error - 2009-12-12 12:25:16 | Computer Name = WINDOWZ | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu:   %%183
 
 
< End of report >
daniel1992
 
Posts: 6
Joined: 12.12.2009 (Sat) 17:21

Re: Pop-up pornographic sites, unwanted ads.

Post by Leon$ » 12.12.2009 (Sat) 18:51

In OTL, paste the following script into the Custom Scans-Fixes window:
:Processes
explorer.exe

:OTL
IE - HKCU\..\URLSearchHook: *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.selectedEngine: "Gameztar Toolbar"
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - E:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - E:\Program Files\BearShareTb\BearShareDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll File not found

:Files
E:\Program Files\AskBarDis
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Web Search Operator
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[start explorer]
[Reboot]

Click Run Fix. Confirm the computer restart.

The log indicates that you removed AVG8; if so, use the antivirus uninstallers for the removal: http://www.hotfix.pl/articles.php?article_id=136

Then a new scan and OTL log.

:)
Leon$
 
Posts: 13538
Joined: 28.03.2006 (Tue) 20:04

Re: Pop-up pornographic sites, unwanted ads.

Post by daniel1992 » 12.12.2009 (Sat) 22:35

Code:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
Prefs.js: "Gameztar Toolbar" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ deleted successfully.
E:\Program Files\BearShareTb\BearShareDx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
E:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
E:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ not found.
File E:\Program Files\BearShareTb\BearShareDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File E:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2F8F919-690B-4EA2-9FA7-A203D1E04F75}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File E:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll File not found not found.
========== FILES ==========
E:\Program Files\AskBarDis\bar\Settings folder moved successfully.
E:\Program Files\AskBarDis\bar\History folder moved successfully.
E:\Program Files\AskBarDis\bar\Cache folder moved successfully.
E:\Program Files\AskBarDis\bar\bin folder moved successfully.
E:\Program Files\AskBarDis\bar folder moved successfully.
E:\Program Files\AskBarDis folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\3.1.0.1540 folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5050 folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Web Search Operator\3.1.0.1800 folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Web Search Operator folder moved successfully.
E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 4009 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Daniel
->Temp folder emptied: 1324666518 bytes
->Temporary Internet Files folder emptied: 6784487 bytes
->Java cache emptied: 259788 bytes
->FireFox cache emptied: 77083733 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1364513 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 740040 bytes
RecycleBin emptied: 633586611 bytes
 
Total Files Cleaned = 1949,87 mb
 
 
OTL by OldTimer - Version 3.1.16.0 log created on 12122009_181127

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
daniel1992
 
Posts: 6
Joined: 12.12.2009 (Sat) 17:21

Re: Pop-up pornographic sites, unwanted ads.

Post by Leon$ » 13.12.2009 (Sun) 12:53

Leon$ wrote: Then a new scan and OTL log.

:)


:)
Leon$
 
Posts: 13538
Joined: 28.03.2006 (Tue) 20:04

Re: Pop-up pornographic sites, unwanted ads.

Post by daniel1992 » 13.12.2009 (Sun) 20:33

OTL logfile created on: 2009-12-13 19:33:09 - Run 2
OTL by OldTimer - Version 3.1.16.0 Folder = E:\Documents and Settings\Daniel\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 65,11% Memory free
3,85 Gb Paging File | 3,32 Gb Available in Paging File | 86,24% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 6,82 Gb Total Space | 6,27 Gb Free Space | 91,94% Space Free | Partition Type: FAT32
Drive D: | 97,65 Gb Total Space | 88,99 Gb Free Space | 91,13% Space Free | Partition Type: NTFS
Drive E: | 128,39 Gb Total Space | 120,93 Gb Free Space | 94,19% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINDOWZ
Current User Name: Daniel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-12-12 21:34:11 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
PRC - [2009-12-06 00:14:16 | 00,908,248 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-03 12:37:28 | 07,148,032 | ---- | M] (Turtle Entertainment GmbH) -- E:\Program Files\EslWire\wire.exe
PRC - [2009-11-27 17:04:40 | 01,217,808 | ---- | M] (Valve Corporation) -- D:\steam\steam.exe
PRC - [2009-09-29 13:03:46 | 00,735,960 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-09-29 13:02:52 | 02,054,360 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-08-31 17:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Nowe Gadu-Gadu\gg.exe
PRC - [2009-08-31 15:56:26 | 00,077,824 | ---- | M] () -- C:\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-08-30 14:25:37 | 00,191,488 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe
PRC - [2009-07-25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-06-14 14:37:48 | 00,744,448 | ---- | M] () -- E:\WINDOWS\NOTEPAD.EXE
PRC - [2009-06-14 14:36:55 | 01,591,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
PRC - [2009-05-01 03:57:20 | 00,355,840 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2008-06-04 11:37:52 | 02,157,096 | ---- | M] (Palit Microsystems, Inc.) -- E:\Program Files\VDOTool\TBPANEL.exe
PRC - [2008-05-03 04:16:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-08-20 08:38:02 | 16,384,512 | R--- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\RTHDCPL.exe
PRC - [2005-10-28 16:25:44 | 00,094,208 | ---- | M] (Nero AG) -- E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2003-12-22 16:36:14 | 00,581,632 | ---- | M] () -- C:\Program Files\VentriloMIX\Ventrilo 2.1.4.exe


========== Modules (SafeList) ==========

MOD - [2009-12-12 21:34:11 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
MOD - [2009-09-29 13:14:42 | 00,011,952 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll
MOD - [2009-01-12 16:19:02 | 00,011,000 | ---- | M] (O&K Software) -- E:\Program Files\Prio\prio.dll
MOD - [2008-04-15 13:00:00 | 00,019,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\linkinfo.dll


========== Win32 Services (SafeList) ==========

SRV - [2009-09-29 13:11:10 | 00,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-09-29 13:03:46 | 00,735,960 | ---- | M] (ESET) [Auto | Running] -- E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-07-25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- E:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-01-12 16:18:54 | 00,005,120 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Prio\prio_svc.exe -- (prio_svc)
SRV - [2008-11-20 20:18:52 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () [On_Demand | Stopped] -- E:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008-05-03 04:16:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007-11-14 21:46:00 | 00,131,072 | ---- | M] (Brio) [Disabled | Stopped] -- E:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)


========== Driver Services (SafeList) ==========

DRV - [2009-12-03 11:17:48 | 00,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009-09-29 13:05:54 | 00,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-09-29 13:02:58 | 00,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-09-29 12:56:32 | 00,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-06-25 14:02:54 | 00,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2008-08-20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-05-03 04:16:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-15 13:00:00 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2008-03-26 15:56:00 | 00,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008-03-26 15:55:00 | 00,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008-03-26 15:55:00 | 00,012,800 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-09-20 12:07:40 | 00,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007-09-20 12:07:38 | 00,053,632 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007-08-28 09:55:10 | 04,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-07 08:13:10 | 00,012,032 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-12-19 11:45:00 | 00,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- E:\Program Files\System\CPL Bonus\vcdrom.sys -- (vcdrom)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.bearshare.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.16.1
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: {F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..keyword.URL: "http://search.avg.com/dispatcher.aspx?i=40&tp=ab&q="

FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: E:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2009-12-12 17:25:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2009-12-06 00:14:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: E:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-12-11 16:04:00 | 00,000,000 | ---D | M]

[2009-10-25 12:04:17 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Extensions
[2009-12-13 19:23:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions
[2009-10-25 13:20:00 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-12-12 22:02:25 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-10 09:59:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009-12-01 21:41:09 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\foxyproxy@eric.h.jung
[2009-11-25 15:27:12 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\extensions\illimitux@illimitux.net
[2009-10-25 13:20:04 | 00,000,681 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\ask.xml
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\BearShareWebSearch.xml
[2009-10-25 13:20:08 | 00,001,196 | ---- | M] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Mozilla\Firefox\Profiles\hr01l2t4.default\searchplugins\winamp-search.xml
[2009-12-13 19:31:45 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2009-12-05 14:31:46 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\{F2DDDB92-1605-4260-9B25-45A4DAE87B50}
[2009-10-14 23:51:28 | 00,120,296 | ---- | M] ( ) -- E:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-12-06 00:14:17 | 00,002,767 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009-12-06 00:14:17 | 00,001,406 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-06 00:14:17 | 00,000,917 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-06 00:14:17 | 00,000,858 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-06 00:14:17 | 00,001,183 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-06 00:14:17 | 00,001,683 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Loader Class) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - E:\WINDOWS\system32\FindeXer.dll (A Part of the LessCliX Suite by Alianyn)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] E:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GammaAdjuster] E:\Documents and Settings\Daniel\Pulpit\CS\GammaAdjuster.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Resume copy] E:\WINDOWS\copyfstq.exe ()
O4 - HKLM..\Run: [RTHDCPL] E:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ESL Wire] E:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Octoshape Streaming Services] E:\Documents and Settings\Daniel\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Skype] E:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] d:\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TBPanel] E:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuEjectPC = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: &Winamp Search - E:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (prio.dll) - E:\Program Files\Prio\prio.dll (O&K Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-25 11:36:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-13 17:41:24 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\skypePM
[2009-12-13 17:37:27 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Skype
[2009-12-13 17:37:08 | 00,000,000 | ---D | C] -- E:\Program Files\Common Files\Skype
[2009-12-13 17:37:06 | 00,000,000 | R--D | C] -- E:\Program Files\Skype
[2009-12-13 17:37:03 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Skype
[2009-12-13 12:16:51 | 00,000,000 | -HSD | C] -- E:\Documents and Settings\Daniel\Recent
[2009-12-13 10:13:42 | 00,000,000 | ---D | C] -- E:\WINDOWS\SoftwareDistribution
[2009-12-13 10:10:39 | 00,024,832 | ---- | C] (LG Electronics Inc.) -- E:\WINDOWS\System32\drivers\lgusbmodem.sys
[2009-12-13 10:10:38 | 00,019,840 | ---- | C] (LG Electronics Inc.) -- E:\WINDOWS\System32\drivers\lgusbdiag.sys
[2009-12-13 10:10:38 | 00,012,800 | ---- | C] (LG Electronics Inc.) -- E:\WINDOWS\System32\drivers\lgusbbus.sys
[2009-12-13 10:10:37 | 00,000,000 | ---D | C] -- E:\Program Files\LG Electronics
[2009-12-13 10:09:53 | 00,419,240 | ---- | C] (VideoSoft) -- E:\WINDOWS\System32\Vsflex7L.ocx
[2009-12-13 10:09:52 | 01,164,728 | ---- | C] (NuMedia Soft, Inc.) -- E:\WINDOWS\System32\NMSDVDXU.dll
[2009-12-13 10:09:52 | 00,630,784 | ---- | C] (ComponentOne) -- E:\WINDOWS\System32\vsflex8u.ocx
[2009-12-13 10:09:52 | 00,244,416 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\Msflxgrd.ocx
[2009-12-13 10:09:41 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\LG Electronics
[2009-12-13 10:09:40 | 00,000,000 | ---D | C] -- E:\Program Files\LG PC Suite II
[2009-12-12 21:34:21 | 00,538,112 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
[2009-12-12 18:11:27 | 00,000,000 | ---D | C] -- E:\_OTL
[2009-12-12 17:11:32 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Malwarebytes
[2009-12-12 17:11:28 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-12-12 17:11:27 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009-12-12 17:11:27 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-12-12 17:11:26 | 00,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware
[2009-12-12 16:17:18 | 00,000,000 | ---D | C] -- E:\Program Files\Trend Micro
[2009-12-12 14:05:47 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\AEQ
[2009-12-11 19:05:52 | 00,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-12-11 16:05:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2009-12-11 16:05:04 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\ESET
[2009-12-11 16:03:59 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\ESET
[2009-12-09 21:34:19 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\WinAVI
[2009-12-09 16:32:29 | 00,000,000 | --SD | M] -- E:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-09 16:32:29 | 00,000,000 | --SD | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-09 16:32:29 | 00,000,000 | ---D | M] -- E:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-12-09 15:50:09 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\blubVolley
[2009-12-09 14:11:48 | 00,000,000 | ---D | C] -- E:\Program Files\ESET
[2009-12-08 20:58:06 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Dev-Cpp
[2009-12-07 19:00:41 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\2-2
[2009-12-07 16:50:44 | 00,000,000 | ---D | C] -- E:\WINDOWS\System32\ReinstallBackups
[2009-12-07 11:01:01 | 00,000,000 | ---D | C] -- E:\Program Files\2+2 v.2.1a
[2009-12-07 10:44:20 | 00,000,000 | ---D | C] -- E:\WINDOWS\AM
[2009-12-06 15:56:46 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Moje dokumenty\Pobieranie
[2009-12-03 23:35:25 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\LOG
[2009-12-03 22:35:02 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Moje dokumenty\ESL Match Media
[2009-12-03 22:34:02 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\ESL Wire Game Client
[2009-12-03 22:33:37 | 00,024,504 | ---- | C] (Turtle Entertainment GmbH) -- E:\WINDOWS\System32\drivers\ESLvnic.sys
[2009-12-03 22:33:37 | 00,000,000 | ---D | C] -- E:\Program Files\EslWire
[2009-12-03 22:33:37 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\ESL Wire
[2009-11-30 16:28:53 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\.gstreamer-0.10
[2009-11-27 15:10:58 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider
[2009-11-21 22:09:53 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\Ahead
[2009-11-21 22:08:20 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Ahead
[2009-11-21 22:07:33 | 00,000,000 | ---D | C] -- E:\Program Files\Nero
[2009-11-21 22:07:33 | 00,000,000 | ---D | C] -- E:\Program Files\Common Files\Ahead
[2009-11-17 17:57:36 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Pulpit\kultura
[2009-11-15 22:03:45 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Daniel\Dane aplikacji\Tibia
[2009-11-15 22:00:54 | 00,000,000 | ---D | C] -- E:\Program Files\TibiaCam TV Lite
[2009-11-15 22:00:43 | 00,000,000 | ---D | C] -- E:\Program Files\Tibia
[2009-11-15 19:28:39 | 00,000,000 | -HSD | C] -- E:\Documents and Settings\Daniel\IECompatCache
[2 E:\Documents and Settings\Daniel\*.tmp files -> E:\Documents and Settings\Daniel\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009-12-13 19:33:21 | 00,003,186 | ---- | M] () -- E:\WINDOWS\System32\NOTEPAD.ini
[2009-12-13 18:09:09 | 00,002,267 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-12-13 17:41:24 | 00,000,056 | -H-- | M] () -- E:\WINDOWS\System32\ezsidmv.dat
[2009-12-13 17:03:45 | 00,182,129 | ---- | M] () -- E:\WINDOWS\System32\nvapps.xml
[2009-12-13 17:03:43 | 00,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2009-12-13 17:03:42 | 00,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2009-12-13 12:16:57 | 04,456,448 | -H-- | M] () -- E:\Documents and Settings\Daniel\NTUSER.DAT
[2009-12-13 12:16:57 | 00,000,188 | -HS- | M] () -- E:\Documents and Settings\Daniel\ntuser.ini
[2009-12-13 10:09:56 | 00,001,459 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\LG PC Suite II.lnk
[2009-12-12 23:33:07 | 00,002,739 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\AFIRMACJA.rtf
[2009-12-12 21:34:11 | 00,538,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Daniel\Pulpit\OTL.exe
[2009-12-12 18:12:27 | 00,093,480 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-12 17:11:31 | 00,000,714 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-12-12 16:17:18 | 00,001,740 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\HijackThis.lnk
[2009-12-11 13:50:02 | 00,002,184 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2009-12-10 15:46:43 | 00,212,300 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\wizulizacja.JPG
[2009-12-07 20:01:13 | 00,003,251 | ---- | M] () -- E:\WINDOWS\System32\SpeedCrunch.ini
[2009-12-07 16:50:29 | 00,000,649 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\ESL Wire.lnk
[2009-12-07 13:15:48 | 01,578,952 | -H-- | M] () -- E:\Documents and Settings\Daniel\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-04 14:15:10 | 00,000,989 | ---- | M] () -- E:\Documents and Settings\Daniel\Pulpit\tren
[2009-12-04 14:14:29 | 00,000,754 | ---- | M] () -- E:\WINDOWS\WORDPAD.INI
[2009-12-03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-12-03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009-12-03 11:17:48 | 00,024,504 | ---- | M] (Turtle Entertainment GmbH) -- E:\WINDOWS\System32\drivers\ESLvnic.sys
[2009-11-21 22:10:57 | 00,043,062 | ---- | M] () -- E:\Documents and Settings\Daniel\Moje dokumenty\UserImages.bmp
[2009-11-21 22:08:32 | 00,002,363 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-11-21 22:08:32 | 00,002,271 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2009-11-16 20:55:59 | 00,645,967 | ---- | M] () -- E:\Documents and Settings\Daniel\Moje dokumenty\img001.jpg
[2009-11-15 22:00:45 | 00,000,638 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-11-15 19:29:28 | 00,000,045 | ---- | M] () -- E:\Program Files\Settings.ini
[2 E:\Documents and Settings\Daniel\*.tmp files -> E:\Documents and Settings\Daniel\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-12-13 17:41:24 | 00,000,056 | -H-- | C] () -- E:\WINDOWS\System32\ezsidmv.dat
[2009-12-13 17:37:09 | 00,002,267 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-12-13 10:09:56 | 00,001,459 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\LG PC Suite II.lnk
[2009-12-12 17:11:31 | 00,000,714 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-12-12 16:17:18 | 00,001,740 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\HijackThis.lnk
[2009-12-10 14:10:08 | 00,212,300 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\wizulizacja.JPG
[2009-12-09 23:34:38 | 00,002,739 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\AFIRMACJA.rtf
[2009-12-09 19:18:21 | 28,845,2884 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Ziemi Niczyja - Powrót Szaleńca.rmvb
[2009-12-09 19:10:51 | 32,111,2449 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Cube 3 - Zero.rmvb
[2009-12-09 19:10:39 | 38,593,4645 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\W Rytmie Hip-Hopu.rmvb
[2009-12-09 19:10:19 | 36,104,1515 | ---- | C] () -- E:\Documents and Settings\Daniel\Pulpit\Cube 2 - Hipersześcian.rmvb
[2009-12-04 14:14:19 | 00,000,754 | ---- | C] () -- E:\WINDOWS\WORDPAD.INI
[2009-12-03 22:33:41 | 00,000,649 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\ESL Wire.lnk
[2009-11-21 22:10:57 | 00,043,062 | ---- | C] () -- E:\Documents and Settings\Daniel\Moje dokumenty\UserImages.bmp
[2009-11-21 22:08:32 | 00,002,363 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-11-21 22:08:32 | 00,002,271 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Nero Home.lnk
[2009-11-16 20:55:53 | 00,645,967 | ---- | C] () -- E:\Documents and Settings\Daniel\Moje dokumenty\img001.jpg
[2009-11-15 22:00:45 | 00,000,638 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-11-15 19:29:28 | 00,000,045 | ---- | C] () -- E:\Program Files\Settings.ini
[2009-11-15 13:40:29 | 00,003,251 | ---- | C] () -- E:\WINDOWS\System32\SpeedCrunch.ini
[2009-11-10 01:36:56 | 00,076,407 | ---- | C] () -- E:\Documents and Settings\Daniel\Dane aplikacji\Smiley.ico
[2009-10-27 16:06:39 | 00,000,097 | ---- | C] () -- E:\WINDOWS\System32\PICSDK.ini
[2009-10-27 16:04:22 | 00,000,026 | ---- | C] () -- E:\WINDOWS\CDE DX4400DEFGIPS.ini
[2009-10-25 12:44:21 | 00,003,186 | ---- | C] () -- E:\WINDOWS\System32\NOTEPAD.ini
[2009-10-25 11:48:35 | 01,703,936 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2009-10-25 11:48:35 | 01,486,848 | ---- | C] () -- E:\WINDOWS\System32\nview.dll
[2009-10-25 11:48:35 | 01,019,904 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2009-10-25 11:48:35 | 00,466,944 | ---- | C] () -- E:\WINDOWS\System32\nvshell.dll
[2009-10-25 11:48:35 | 00,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2009-10-25 11:43:38 | 00,000,026 | ---- | C] () -- E:\Documents and Settings\Daniel\Dane aplikacji\prio.ini
[2009-10-25 11:39:36 | 00,013,339 | ---- | C] () -- E:\WINDOWS\System32\shConvert.dll
[2009-10-25 11:39:36 | 00,013,312 | ---- | C] () -- E:\WINDOWS\System32\shpicgf.dll
[2009-10-25 11:39:35 | 00,211,968 | ---- | C] () -- E:\WINDOWS\System32\Formats.dll
[2009-10-25 11:39:34 | 00,040,448 | ---- | C] () -- E:\WINDOWS\System32\cdeject.dll
[2009-10-25 11:39:30 | 00,348,160 | ---- | C] () -- E:\WINDOWS\labels.dll
[2009-10-25 11:39:30 | 00,000,026 | ---- | C] () -- E:\WINDOWS\prio.ini
[2009-10-25 11:38:57 | 00,001,958 | ---- | C] () -- E:\WINDOWS\uninstall.ini
[2009-10-25 11:38:38 | 00,168,448 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2009-10-25 11:38:35 | 00,795,648 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2009-10-25 11:38:35 | 00,130,048 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2009-10-25 11:38:34 | 03,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2009-10-25 11:38:33 | 00,067,584 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2009-10-25 11:38:33 | 00,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2003-06-09 14:05:18 | 00,094,636 | ---- | C] () -- E:\WINDOWS\dropcpyr.dll
< End of report >


-- Added 13.12.2009 (Sun) 19:40 --

:o

No more pop-up windows appear, everything is fine.
daniel1992
 
Posts: 6
Joined: 12.12.2009 (Sat) 17:21

Re: Pop-up pornographic pages, unwanted ads.

Post by Gutek » 14.12.2009 (Mon) 0:36

Change to the rules for pasting logs on the forum - viewtopic.php?f=16&t=253052
Run OTL and paste this into the Custom Scans/Fixes window:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.bearshare.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: {F2DDDB92-1605-4260-9B25-45A4DAE87B50}:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
O4 - HKLM..\Run: [Resume copy] E:\WINDOWS\copyfstq.exe ()

:Commands
[emptytemp]
[Reboot]

Click Run Fix. Confirm the computer restart.
Then run OTL again and click the CleanUp button.
Fight to the end, no format :-)
Please do not write via PM, I will answer on the forum - thank you :-)
Gutek
HotZlot participant
 
Posts: 26973
Joined: 21.03.2005 (Mon) 21:54
Location: Wrocław area


Re: Pop-up pornographic pages, unwanted ads.

Post by daniel1992 » 14.12.2009 (Mon) 19:46

Thank you kindly for the help, everything is OK now.
daniel1992
 
Posts: 6
Joined: 12.12.2009 (Sat) 17:21

