Braviax.exe PC_antispyware2010


(Lporazinski) #1

Komp masakrycznie muli, po jakims czasie od wlaczenia komputera odcina neta pomaga wylaczenie jednego z procesow svchost.exe uzywalem juz Malwarebytes' Anti-Malware oczywiscie znalazl problemy, usunal je i po wlaczeniu kompa to samo. Plik braviax.exe mimo ze go usunalem nadal sie pojawia, czyszczenie folderu smieci internet explorera, Prefech, Temp, PC_Antispyware2010 na dysk C jak i z program files rowniez nic nie daje, po pewnym czasie samo sie tworzy, log z hijackthis przeslalem na www ale zadnych czerwonych wykrzyknikow nie znalazl :confused: any ideas ?

System to winxp oryginalny, program antywirusowy KAV rowniez oryg. z licencja


(Leon$) #2

Pobierz OTListIt2: http://www.searchengines.pl/index.php?s ... =392369 przeskanuj daj log OTListIT.txt oraz Extras.txt.

:slight_smile:


(Lporazinski) #3

OTL.txr

OTL logfile created on: 2009-08-08 15:14:45 - Run 1

*OTL by OldTimer - Version 3.0.10.5-(DefenseWall Status: Niezaufany) Folder = C:\Documents and Settings\Łukasz\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,50% Memory free

3,33 Gb Paging File | 2,89 Gb Available in Paging File | 86,76% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 82,82 Gb Total Space | 62,59 Gb Free Space | 75,57% Space Free | Partition Type: NTFS

Drive D: | 61,29 Gb Total Space | 33,21 Gb Free Space | 54,18% Space Free | Partition Type: NTFS

Drive E: | 3,80 Gb Total Space | 3,27 Gb Free Space | 86,09% Space Free | Partition Type: FAT32

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: LUKASZ

Current User Name: Łukasz

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-08-08 15:12:13 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009-06-05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2009-07-21 13:23:25 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP [Auto | Running])

SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])

SRV - [2008-09-02 08:26:16 | 00,346,720 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2009-06-29 21:07:45 | 00,094,208 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\defensewall_serv.exe -- (defensewall_serv [Auto | Running])

SRV - [2009-05-24 09:05:39 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (fontcache3.0.0.0 [On_Demand | Stopped])

SRV - [2008-04-15 14:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-06-05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])

SRV - 2007-01-04 20:48:50 | 00,112,152 | ---- | M -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Disabled | Stopped])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2007-08-24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])

SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

SRV - 2008-11-11 09:38:06 | 00,620,544 | ---- | M -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])

SRV - 2009-05-24 10:17:39 | 00,045,056 | ---- | M -- C:\WINDOWS\System32\UTSCSI.EXE -- (UTSCSI [Auto | Stopped])

SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008-09-18 20:44:38 | 01,326,528 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\athw.sys -- (AR5416 [On_Demand | Running])

DRV - [2008-04-08 16:59:28 | 00,010,752 | ---- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys -- (AsusACPI [On_Demand | Running])

DRV - [2008-05-30 05:46:12 | 00,534,568 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio [On_Demand | Stopped])

DRV - [2008-02-04 11:57:44 | 00,037,160 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Running])

DRV - [2008-08-19 16:16:36 | 00,991,656 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])

DRV - [2008-07-24 11:37:10 | 00,156,816 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Stopped])

DRV - [2008-03-10 12:18:42 | 00,057,384 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\DRIVERS\btwhid.sys -- (btwhid [On_Demand | Stopped])

DRV - [2008-08-19 16:16:28 | 00,047,272 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Stopped])

DRV - [2009-03-27 01:16:28 | 00,012,672 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\cpuz132_x32.sys -- (cpuz132 [On_Demand | Stopped])

DRV - [2009-06-29 20:18:12 | 00,753,664 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\Drivers\dwall.sys -- (dwall [system | Running])

DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Stopped])

DRV - [2008-04-15 14:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2007-12-19 17:32:12 | 05,854,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])

DRV - [2008-09-18 12:48:58 | 04,816,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2008-07-21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])

DRV - [2009-04-19 23:32:45 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running])

DRV - [2009-04-19 23:32:45 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF [system | Running])

DRV - [2008-04-30 17:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])

DRV - [2008-11-27 14:25:06 | 00,025,216 | ---- | M] (ELANTECH Devices Corp.) -- C:\WINDOWS\System32\DRIVERS\ETD.sys -- (Ktp [On_Demand | Running])

DRV - [2008-09-23 19:15:00 | 00,038,400 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\l1e51x86.sys -- (L1e [On_Demand | Running])

DRV - 2009-02-09 07:37:46 | 00,017,664 | ---- | M -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])

DRV - 2009-02-09 07:37:46 | 00,022,016 | ---- | M -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])

DRV - 2009-03-19 13:48:18 | 00,136,704 | ---- | M -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped])

DRV - 2009-03-19 13:48:12 | 00,008,320 | ---- | M -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand | Stopped])

DRV - 2009-08-06 14:53:57 | 00,619,296 | ---- | M -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs [Disabled | Running])

DRV - 2008-08-26 09:26:12 | 00,018,816 | ---- | M -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])

DRV - [2008-04-15 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2009-04-28 22:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2007-10-03 05:30:32 | 00,065,024 | ---- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbmdm6k.sys -- (qcusbmdm6k [On_Demand | Stopped])

DRV - [2007-10-03 05:30:32 | 00,065,024 | ---- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbnmea.sys -- (qcusbnmea [On_Demand | Stopped])

DRV - [2007-10-03 05:30:32 | 00,065,024 | ---- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbpcsync.sys -- (qcusbpcsync [On_Demand | Stopped])

DRV - [2007-10-03 05:30:32 | 00,065,024 | ---- | M] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\DRIVERS\qcusbser6k.sys -- (qcusbser6k [On_Demand | Stopped])

DRV - 2007-04-17 21:09:28 | 00,011,032 | ---- | M -- C:\WINDOWS\System32\drivers\regi.sys -- (regi [Auto | Running])

DRV - [2008-04-15 14:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2008-02-11 17:07:00 | 00,018,816 | ---- | M] (Bytemobile, Inc.) -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM [system | Running])

DRV - [2006-05-18 08:48:50 | 00,047,249 | ---- | M] (FTDI Ltd.) -- C:\WINDOWS\System32\drivers\ufs2xx.sys -- (ufs2xx [On_Demand | Stopped])

DRV - 2009-02-09 07:37:48 | 00,007,808 | ---- | M -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])

DRV - [2009-06-05 11:42:38 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])

DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])

DRV - 2009-02-09 07:37:56 | 00,007,808 | ---- | M -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])

DRV - [2008-04-14 00:26:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])

DRV - [2006-11-06 18:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

IE - HKU.default\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU.default\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU.default.default\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\s-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\s-1-5-18\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\s-1-5-21-3174984377-1649888885-1636730511-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\s-1-5-21-3174984377-1649888885-1636730511-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\s-1-5-21-3174984377-1649888885-1636730511-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 80.48.208.2:8080

FF - HKLM\software\mozilla\Firefox\Extensions\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-05-10 09:14:13 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-07 19:30:48 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\mozilla firefox 3.0.13\extensions\Components: C:\Program Files\Mozilla Firefox\components

FF - HKLM\software\mozilla\mozilla firefox 3.0.13\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\Components: C:\Program Files\Mozilla Thunderbird\components

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009-05-04 21:18:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\mozilla\Extensions

[2009-05-04 21:18:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\mozilla\Extensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O3 - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [braviax] File not found

O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe (Corel Corporation)

O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

O4 - HKLM..\Run: [DefenseWall] C:\Program Files\DefenseWall\DefenseWall.exe (SoftSphere Technologies)

O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.)

O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\System32\regedit.exe File not found

O4 - HKLM..\Run: [userFaultCheck] File not found

O4 - HKU.default..\Run: [braviax] File not found

O4 - HKU\s-1-5-18..\Run: [braviax] File not found

O4 - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\s-1-5-21-3174984377-1649888885-1636730511-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE File not found

O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_17\bin\npjpi150_17.dll (Sun Microsystems, Inc.)

O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKLM..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {14E35D5F-DEBA-4DB3-B2ED-17542BA12D1F} http://192.168.1.1/AV718.cab (CV781Object Object)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3169540218 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_17)

O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (cru629.dat) - File not found

O20 - AppInit_DLLs: (FILES\QUI) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - 2009-02-12 10:45:29 | 00,000,000 | ---- | M - C:\AUTOEXEC.BAT -- [NTFS]

O33 - MountPoints2{221deacc-349a-11de-88a9-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{221deacc-349a-11de-88a9-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{3fbe4d88-5713-11de-88d1-002243cfea7f}\Shell\AutoRun\command - "" = F:\x.cmd -- File not found

O33 - MountPoints2{3fbe4d88-5713-11de-88d1-002243cfea7f}\Shell\open\Command - "" = F:\x.cmd -- File not found

O33 - MountPoints2{4336059c-4830-11de-88c0-002243791adc}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found

O33 - MountPoints2{433605ae-4830-11de-88c0-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{433605ae-4830-11de-88c0-002243791adc}\Shell\AutoRun\command - "" = G:\PdtStart.exe -- File not found

O33 - MountPoints2{5533cced-58ee-11de-88d2-002243cfea7f}\Shell - "" = AutoRun

O33 - MountPoints2{71a7f6af-2fed-11de-88a5-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{71a7f6af-2fed-11de-88a5-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{71a7f6b0-2fed-11de-88a5-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{71a7f6b0-2fed-11de-88a5-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{91f87343-7529-11de-88ee-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{91f87343-7529-11de-88ee-002243791adc}\Shell\Auto\command - "" = E:\wupdmgr.exe -- File not found

O33 - MountPoints2{93c23b62-46a7-11de-88be-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{93c23b62-46a7-11de-88be-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{93c23b63-46a7-11de-88be-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{93c23b63-46a7-11de-88be-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{abf1056d-2b9f-11de-889f-002243cfea7f}\Shell - "" = AutoRun

O33 - MountPoints2{abf1056d-2b9f-11de-889f-002243cfea7f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{abf10570-2b9f-11de-889f-002243cfea7f}\Shell - "" = AutoRun

O33 - MountPoints2{abf10570-2b9f-11de-889f-002243cfea7f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{abf105bd-2b9f-11de-889f-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{abf105bd-2b9f-11de-889f-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{abf105be-2b9f-11de-889f-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{abf105be-2b9f-11de-889f-002243791adc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2{ad440cff-3b27-11de-88ae-002243791adc}\Shell - "" = AutoRun

O33 - MountPoints2{ad440cff-3b27-11de-88ae-002243791adc}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found

O33 - MountPoints2{fef787eb-42b4-11de-88bc-002243791adc}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32*.tmp files]

2009-08-08 15:19:10 | 00,000,302 | -HS- | C -- C:\WINDOWS\klif.spi

[2009-08-08 15:12:19 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe

2009-08-08 14:37:32 | 00,190,307 | ---- | C -- C:\WINDOWS\System32\wisdstr.exe

2009-08-08 14:32:23 | 00,012,288 | ---- | C -- C:\WINDOWS\System32\braviax.exe

2009-08-08 14:32:22 | 00,030,208 | ---- | C -- C:\WINDOWS\System32\drivers\beep.sys

2009-08-08 14:32:22 | 00,030,208 | ---- | C -- C:\WINDOWS\System32\dllcache\beep.sys

2009-08-08 14:32:21 | 00,030,208 | ---- | C -- C:\WINDOWS\System32\dllcache\figaro.sys

2009-08-08 14:19:11 | 00,001,734 | ---- | C -- C:\Documents and Settings\Łukasz\Pulpit\HijackThis.lnk

[2009-08-08 14:19:10 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

2009-08-08 10:51:17 | 00,019,483 | ---- | C -- C:\WINDOWS\System32\evapiq._dl

2009-08-08 10:51:17 | 00,018,444 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\upenini._sy

2009-08-08 10:51:17 | 00,016,662 | ---- | C -- C:\WINDOWS\System32\ehiri._dl

2009-08-08 10:51:17 | 00,016,410 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\tilenyfohe.vbs

2009-08-08 10:51:17 | 00,016,341 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\enobykof.dll

2009-08-08 10:51:17 | 00,016,320 | ---- | C -- C:\Program Files\Common Files\wuvoxa._sy

2009-08-08 10:51:17 | 00,015,504 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\ruvew.dat

2009-08-08 10:51:17 | 00,014,451 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\exuh.scr

2009-08-08 10:51:17 | 00,013,787 | ---- | C -- C:\Program Files\Common Files\nytafe.lib

2009-08-08 10:51:17 | 00,011,752 | ---- | C -- C:\WINDOWS\gizurycex.bin

2009-08-08 10:51:17 | 00,011,713 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\fijile.exe

2009-08-08 10:51:17 | 00,011,697 | ---- | C -- C:\Program Files\Common Files\asakum.lib

2009-08-08 10:51:17 | 00,011,084 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\rynafy._sy

[2009-08-08 08:23:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DefenseWall HIPS

[2009-08-08 08:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DefenseWall HIPS

2009-08-08 08:20:36 | 03,395,347 | ---- | C -- C:\Documents and Settings\Łukasz\Pulpit\DefenseWall_HIPS_v2_56.exe

[2009-08-08 08:18:36 | 00,094,208 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_ext.dll

[2009-08-08 08:18:36 | 00,077,824 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall.dll

[2009-08-08 08:18:36 | 00,057,344 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_com.dll

2009-08-08 08:18:36 | 00,053,248 | ---- | C -- C:\WINDOWS\System32\dwall_excel.dll

2009-08-08 08:18:36 | 00,045,056 | ---- | C -- C:\WINDOWS\System32\dwall_service.dll

[2009-08-08 08:18:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DefenseWall HIPS

[2009-08-08 08:18:35 | 00,094,208 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\defensewall_serv.exe

[2009-08-08 08:18:34 | 00,753,664 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\drivers\dwall.sys

[2009-08-08 08:18:34 | 00,000,000 | ---D | C] -- C:\Program Files\DefenseWall

2009-08-08 00:04:34 | 00,017,357 | ---- | C -- C:\WINDOWS\mawovo.inf

2009-08-08 00:04:34 | 00,014,675 | ---- | C -- C:\WINDOWS\cusodycegy.bin

2009-08-08 00:04:34 | 00,013,733 | ---- | C -- C:\WINDOWS\gymyx.dat

2009-08-08 00:04:33 | 00,019,272 | ---- | C -- C:\WINDOWS\uhedydase.inf

2009-08-08 00:04:33 | 00,019,120 | ---- | C -- C:\WINDOWS\System32\jipe.scr

2009-08-08 00:04:33 | 00,019,017 | ---- | C -- C:\Program Files\Common Files\wopo.sys

2009-08-08 00:04:33 | 00,018,897 | ---- | C -- C:\WINDOWS\gizike.vbs

2009-08-08 00:04:33 | 00,017,915 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\cavepeq.bat

2009-08-08 00:04:33 | 00,016,838 | ---- | C -- C:\WINDOWS\uvoquzen.bin

2009-08-08 00:04:33 | 00,016,672 | ---- | C -- C:\Program Files\Common Files\uxem.dll

2009-08-08 00:04:33 | 00,016,450 | ---- | C -- C:\Program Files\Common Files\cyruho.vbs

2009-08-08 00:04:33 | 00,015,836 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\uqop.vbs

2009-08-08 00:04:33 | 00,015,357 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\pivele.dll

[2009-08-07 22:52:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

2009-08-07 22:38:33 | 00,000,006 | -H-- | C -- C:\WINDOWS\tasks\SA.DAT

2009-08-07 22:21:29 | 00,019,752 | ---- | C -- C:\WINDOWS\odizaji.ban

2009-08-07 22:21:29 | 00,018,856 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\cageponi._dl

2009-08-07 22:21:29 | 00,018,194 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\wujecugepy._sy

2009-08-07 22:21:29 | 00,017,444 | ---- | C -- C:\WINDOWS\ulejehow.ban

2009-08-07 22:21:29 | 00,016,917 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\gaxalimade.ban

2009-08-07 22:21:29 | 00,015,907 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\mypecunat._sy

2009-08-07 22:21:29 | 00,015,683 | ---- | C -- C:\WINDOWS\System32\uriha.bat

2009-08-07 22:21:29 | 00,015,053 | ---- | C -- C:\WINDOWS\System32\ygahu.sys

2009-08-07 22:21:29 | 00,013,956 | ---- | C -- C:\WINDOWS\jewu.bat

2009-08-07 22:21:29 | 00,013,605 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\cigof.vbs

2009-08-07 22:21:29 | 00,012,743 | ---- | C -- C:\Program Files\Common Files\iruneniwik.bin

2009-08-07 22:21:29 | 00,011,730 | ---- | C -- C:\WINDOWS\ecis.exe

2009-08-07 22:21:29 | 00,011,321 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\sanu._dl

2009-08-07 22:21:28 | 00,019,961 | ---- | C -- C:\WINDOWS\ogumyf._sy

2009-08-07 22:21:28 | 00,013,121 | ---- | C -- C:\WINDOWS\ovives.com

2009-08-07 22:21:28 | 00,011,329 | ---- | C -- C:\WINDOWS\uwewunywu.inf

2009-08-07 22:21:28 | 00,011,020 | ---- | C -- C:\WINDOWS\eliwemyji.db

2009-08-07 15:26:24 | 00,188,416 | ---- | C -- C:\WINDOWS\System32\ufs2xxun.exe

[2009-08-07 15:26:24 | 00,176,128 | ---- | C] (FTDI Ltd) -- C:\WINDOWS\System32\ufs2xx.dll

[2009-08-07 15:26:24 | 00,047,249 | ---- | C] (FTDI Ltd.) -- C:\WINDOWS\System32\drivers\ufs2xx.sys

2009-08-07 15:26:24 | 00,000,086 | ---- | C -- C:\WINDOWS\System32\ufs2xxun.ini

[2009-08-07 15:25:56 | 00,000,000 | ---D | C] -- C:\Program Files\SarasSoft

2009-08-06 18:24:38 | 00,019,225 | ---- | C -- C:\Program Files\Common Files\katebe.ban

2009-08-06 18:24:38 | 00,018,507 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\ykamyx.bin

2009-08-06 18:24:38 | 00,017,225 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\ivycavelo.inf

2009-08-06 18:24:38 | 00,016,423 | ---- | C -- C:\WINDOWS\pyneha.pif

2009-08-06 18:24:38 | 00,015,012 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\tijigigu.vbs

2009-08-06 18:24:38 | 00,012,242 | ---- | C -- C:\Documents and Settings\All Users\Dokumenty\ekulime.dll

2009-08-06 18:24:38 | 00,011,511 | ---- | C -- C:\WINDOWS\System32\keworyhy.dat

2009-08-06 18:24:38 | 00,010,285 | ---- | C -- C:\WINDOWS\System32\dupygyzow.bin

2009-08-06 18:24:38 | 00,010,181 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\orajafo.ban

2009-08-06 15:22:39 | 00,052,096 | ---- | C -- C:\WINDOWS\System32\drivers\207e98a2.sys

[2009-08-06 15:01:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Malwarebytes

[2009-08-06 15:01:27 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-08-06 15:01:24 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009-08-06 15:01:24 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009-08-06 15:01:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

2009-08-06 14:50:25 | 00,000,787 | ---- | C -- C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts\SuperHybridEngine.lnk

2009-08-06 14:50:02 | 00,052,096 | ---- | C -- C:\WINDOWS\System32\drivers\340dd073.sys

[2009-08-04 00:05:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\MIPLO_22.07.2009_Fotoradary___Najwazniejsze_kategorie__ikony___komunikaty_ostrzezen_

2009-08-03 22:31:20 | 00,589,734 | ---- | C -- C:\Documents and Settings\Łukasz\Pulpit\mio moow m300.bmp

2009-08-03 20:06:11 | 00,129,536 | ---- | C -- C:\WINDOWS\inout2.dll

[2009-08-03 19:39:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\kav

[2009-08-03 12:55:14 | 00,000,000 | ---D | C] -- C:\Program Files\Code Factory

[2009-07-29 17:04:33 | 00,000,000 | ---D | C] -- C:\Program Files\Wizard Service Tool

[2009-07-29 17:00:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Wojtek-SPV Moje dokumenty

2009-07-29 13:45:58 | 02,033,642 | ---- | C -- C:\huawei e160 inicjacja polaczenia era.avi

2009-07-29 13:39:10 | 01,950,480 | ---- | C -- C:\huawei e160 inicjacja polaczenia heyah.avi

[2009-07-29 13:29:10 | 00,000,000 | ---D | C] -- C:\Program Files\HyCam2

[2009-07-26 00:24:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\alchemikj

2009-07-19 17:58:57 | 00,059,213 | ---- | C -- C:\Documents and Settings\Łukasz\Pulpit\Wysyłki.ods

[2009-07-11 23:35:14 | 00,000,000 | ---D | C] -- C:\Program Files\HD Tune

2009-06-13 09:00:38 | 00,022,723 | ---- | C -- C:\WINDOWS\System32\sx450sl3.dll

2009-05-23 17:54:40 | 00,116,224 | ---- | C -- C:\WINDOWS\System32\pdfcmnnt.dll

2009-04-24 09:43:14 | 00,000,547 | ---- | C -- C:\WINDOWS\System32\ff_vfw.dll.manifest

2009-04-24 09:43:13 | 00,084,480 | ---- | C -- C:\WINDOWS\System32\ff_vfw.dll

2009-04-18 00:22:59 | 00,000,448 | ---- | C -- C:\WINDOWS\wcx_ftp.ini

2009-04-18 00:21:55 | 00,003,792 | ---- | C -- C:\WINDOWS\wincmd.ini

2009-02-16 14:57:24 | 00,000,061 | ---- | C -- C:\WINDOWS\smscfg.ini

2009-02-12 11:41:27 | 00,147,456 | ---- | C -- C:\WINDOWS\System32\igfxCoIn_v4906.dll

2009-02-12 11:29:05 | 00,005,312 | ---- | C -- C:\WINDOWS\System32\OEMINFO.INI

2009-02-12 11:28:56 | 01,847,424 | ---- | C -- C:\WINDOWS\System32\win32k.sys

2009-02-12 11:28:56 | 00,000,507 | ---- | C -- C:\WINDOWS\win.ini

2009-02-12 11:28:55 | 00,000,227 | ---- | C -- C:\WINDOWS\system.ini

2009-02-12 11:28:52 | 00,619,296 | ---- | C -- C:\WINDOWS\System32\drivers\ntfs.sys

2008-11-14 19:12:56 | 00,012,208 | ---- | C -- C:\WINDOWS\AsTrayLang.ini

2008-09-02 08:25:26 | 02,854,912 | ---- | C -- C:\WINDOWS\System32\btwicons.dll

2008-07-30 20:31:52 | 00,021,864 | ---- | C -- C:\WINDOWS\AsAcpiSvrLang.ini

2007-12-04 14:38:18 | 00,147,456 | ---- | C -- C:\WINDOWS\System32\AVC718Viewer.dll

2007-03-29 22:00:40 | 00,203,264 | ---- | C -- C:\WINDOWS\System32\CddbCdda.dll

2005-02-17 13:41:32 | 00,000,603 | ---- | C -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

2005-02-17 13:41:30 | 00,000,593 | ---- | C -- C:\WINDOWS\System32\btcss.dll.manifest

2001-11-14 14:56:00 | 01,802,240 | ---- | C -- C:\WINDOWS\System32\lcppn21.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32*.tmp files]

2009-08-08 15:26:22 | 00,052,096 | ---- | M -- C:\WINDOWS\System32\drivers\207e98a2.sys

2009-08-08 15:26:20 | 00,052,096 | ---- | M -- C:\WINDOWS\System32\drivers\340dd073.sys

2009-08-08 15:21:05 | 00,000,302 | -HS- | M -- C:\WINDOWS\klif.spi

2009-08-08 15:12:18 | 00,000,006 | -H-- | M -- C:\WINDOWS\tasks\SA.DAT

[2009-08-08 15:12:13 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe

2009-08-08 14:38:26 | 00,003,792 | ---- | M -- C:\WINDOWS\wincmd.ini

2009-08-08 14:37:32 | 00,190,307 | ---- | M -- C:\WINDOWS\System32\wisdstr.exe

2009-08-08 14:32:23 | 00,012,288 | ---- | M -- C:\WINDOWS\System32\braviax.exe

2009-08-08 14:29:43 | 00,002,048 | --S- | M -- C:\WINDOWS\bootstat.dat

2009-08-08 14:29:02 | 05,451,296 | -HS- | M -- C:\WINDOWS\System32\drivers\fidbox.dat

2009-08-08 14:29:02 | 00,802,848 | -HS- | M -- C:\WINDOWS\System32\drivers\fidbox2.dat

2009-08-08 14:29:02 | 00,048,908 | -HS- | M -- C:\WINDOWS\System32\drivers\fidbox.idx

2009-08-08 14:29:02 | 00,004,872 | -HS- | M -- C:\WINDOWS\System32\drivers\fidbox2.idx

2009-08-08 14:19:12 | 00,001,734 | ---- | M -- C:\Documents and Settings\Łukasz\Pulpit\HijackThis.lnk

2009-08-08 13:40:35 | 00,000,507 | ---- | M -- C:\WINDOWS\win.ini

2009-08-08 13:40:35 | 00,000,227 | ---- | M -- C:\WINDOWS\system.ini

2009-08-08 13:40:35 | 00,000,211 | -HS- | M -- C:\boot.ini

2009-08-08 10:51:17 | 00,019,483 | ---- | M -- C:\WINDOWS\System32\evapiq._dl

2009-08-08 10:51:17 | 00,018,444 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\upenini._sy

2009-08-08 10:51:17 | 00,016,662 | ---- | M -- C:\WINDOWS\System32\ehiri._dl

2009-08-08 10:51:17 | 00,016,410 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\tilenyfohe.vbs

2009-08-08 10:51:17 | 00,016,341 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\enobykof.dll

2009-08-08 10:51:17 | 00,016,320 | ---- | M -- C:\Program Files\Common Files\wuvoxa._sy

2009-08-08 10:51:17 | 00,015,504 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\ruvew.dat

2009-08-08 10:51:17 | 00,014,451 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\exuh.scr

2009-08-08 10:51:17 | 00,013,787 | ---- | M -- C:\Program Files\Common Files\nytafe.lib

2009-08-08 10:51:17 | 00,011,752 | ---- | M -- C:\WINDOWS\gizurycex.bin

2009-08-08 10:51:17 | 00,011,713 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\fijile.exe

2009-08-08 10:51:17 | 00,011,697 | ---- | M -- C:\Program Files\Common Files\asakum.lib

2009-08-08 10:51:17 | 00,011,084 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\rynafy._sy

2009-08-08 08:18:37 | 00,049,944 | ---- | M -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-08-08 08:18:19 | 03,395,347 | ---- | M -- C:\Documents and Settings\Łukasz\Pulpit\DefenseWall_HIPS_v2_56.exe

2009-08-08 00:04:34 | 00,017,357 | ---- | M -- C:\WINDOWS\mawovo.inf

2009-08-08 00:04:34 | 00,014,675 | ---- | M -- C:\WINDOWS\cusodycegy.bin

2009-08-08 00:04:34 | 00,013,733 | ---- | M -- C:\WINDOWS\gymyx.dat

2009-08-08 00:04:33 | 00,019,272 | ---- | M -- C:\WINDOWS\uhedydase.inf

2009-08-08 00:04:33 | 00,019,120 | ---- | M -- C:\WINDOWS\System32\jipe.scr

2009-08-08 00:04:33 | 00,019,017 | ---- | M -- C:\Program Files\Common Files\wopo.sys

2009-08-08 00:04:33 | 00,018,897 | ---- | M -- C:\WINDOWS\gizike.vbs

2009-08-08 00:04:33 | 00,017,915 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\cavepeq.bat

2009-08-08 00:04:33 | 00,016,838 | ---- | M -- C:\WINDOWS\uvoquzen.bin

2009-08-08 00:04:33 | 00,016,672 | ---- | M -- C:\Program Files\Common Files\uxem.dll

2009-08-08 00:04:33 | 00,016,450 | ---- | M -- C:\Program Files\Common Files\cyruho.vbs

2009-08-08 00:04:33 | 00,015,836 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\uqop.vbs

2009-08-08 00:04:33 | 00,015,357 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\pivele.dll

2009-08-07 23:12:57 | 00,059,213 | ---- | M -- C:\Documents and Settings\Łukasz\Pulpit\Wysyłki.ods

2009-08-07 22:21:29 | 00,019,752 | ---- | M -- C:\WINDOWS\odizaji.ban

2009-08-07 22:21:29 | 00,018,856 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\cageponi._dl

2009-08-07 22:21:29 | 00,018,194 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\wujecugepy._sy

2009-08-07 22:21:29 | 00,017,444 | ---- | M -- C:\WINDOWS\ulejehow.ban

2009-08-07 22:21:29 | 00,016,917 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\gaxalimade.ban

2009-08-07 22:21:29 | 00,015,907 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\mypecunat._sy

2009-08-07 22:21:29 | 00,015,683 | ---- | M -- C:\WINDOWS\System32\uriha.bat

2009-08-07 22:21:29 | 00,015,053 | ---- | M -- C:\WINDOWS\System32\ygahu.sys

2009-08-07 22:21:29 | 00,013,956 | ---- | M -- C:\WINDOWS\jewu.bat

2009-08-07 22:21:29 | 00,013,605 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\cigof.vbs

2009-08-07 22:21:29 | 00,012,743 | ---- | M -- C:\Program Files\Common Files\iruneniwik.bin

2009-08-07 22:21:29 | 00,011,730 | ---- | M -- C:\WINDOWS\ecis.exe

2009-08-07 22:21:29 | 00,011,321 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\sanu._dl

2009-08-07 22:21:28 | 00,019,961 | ---- | M -- C:\WINDOWS\ogumyf._sy

2009-08-07 22:21:28 | 00,013,121 | ---- | M -- C:\WINDOWS\ovives.com

2009-08-07 22:21:28 | 00,011,329 | ---- | M -- C:\WINDOWS\uwewunywu.inf

2009-08-07 22:21:28 | 00,011,020 | ---- | M -- C:\WINDOWS\eliwemyji.db

2009-08-07 20:08:25 | 01,510,688 | ---- | M -- C:\WINDOWS\System32\FNTCACHE.DAT

2009-08-07 19:40:24 | 01,071,916 | ---- | M -- C:\WINDOWS\System32\PerfStringBackup.INI

2009-08-07 19:40:24 | 00,500,540 | ---- | M -- C:\WINDOWS\System32\perfh015.dat

2009-08-07 19:40:24 | 00,441,458 | ---- | M -- C:\WINDOWS\System32\perfh009.dat

2009-08-07 19:40:24 | 00,089,036 | ---- | M -- C:\WINDOWS\System32\perfc015.dat

2009-08-07 19:40:24 | 00,071,394 | ---- | M -- C:\WINDOWS\System32\perfc009.dat

2009-08-07 11:09:52 | 00,000,448 | ---- | M -- C:\WINDOWS\wcx_ftp.ini

2009-08-06 23:41:55 | 00,049,152 | ---- | M -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2009-08-06 18:24:38 | 00,019,225 | ---- | M -- C:\Program Files\Common Files\katebe.ban

2009-08-06 18:24:38 | 00,018,507 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\ykamyx.bin

2009-08-06 18:24:38 | 00,017,225 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\ivycavelo.inf

2009-08-06 18:24:38 | 00,016,423 | ---- | M -- C:\WINDOWS\pyneha.pif

2009-08-06 18:24:38 | 00,015,012 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\tijigigu.vbs

2009-08-06 18:24:38 | 00,012,242 | ---- | M -- C:\Documents and Settings\All Users\Dokumenty\ekulime.dll

2009-08-06 18:24:38 | 00,011,511 | ---- | M -- C:\WINDOWS\System32\keworyhy.dat

2009-08-06 18:24:38 | 00,010,285 | ---- | M -- C:\WINDOWS\System32\dupygyzow.bin

2009-08-06 18:24:38 | 00,010,181 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\orajafo.ban

2009-08-06 15:10:52 | 00,021,141 | ---- | M -- C:\Documents and Settings\Łukasz\Pulpit\zakupy zagraniczne.ods

2009-08-06 14:53:58 | 00,619,296 | ---- | M -- C:\WINDOWS\System32\dllcache\ntfs.sys

2009-08-06 14:53:57 | 00,619,296 | ---- | M -- C:\WINDOWS\System32\drivers\ntfs.sys

2009-08-03 22:31:18 | 00,589,734 | ---- | M -- C:\Documents and Settings\Łukasz\Pulpit\mio moow m300.bmp

2009-08-03 20:06:11 | 00,129,536 | ---- | M -- C:\WINDOWS\inout2.dll

[2009-08-03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-08-03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

2009-07-29 13:47:56 | 02,033,642 | ---- | M -- C:\huawei e160 inicjacja polaczenia era.avi

2009-07-29 13:42:43 | 01,950,480 | ---- | M -- C:\huawei e160 inicjacja polaczenia heyah.avi

2009-07-20 08:38:16 | 00,001,374 | ---- | M -- C:\WINDOWS\imsins.BAK

[2009-07-19 18:46:32 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll

[2009-07-19 18:46:32 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2009-07-19 15:16:34 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll

[2009-07-19 15:16:34 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

========== LOP Check ==========

[2009-02-12 11:53:39 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji

[2009-08-08 10:43:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator.LUKASZ\Dane aplikacji

[2009-08-08 10:51:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-06-14 11:16:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2009-02-16 14:48:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros

[2009-08-08 15:18:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DefenseWall HIPS

[2009-05-24 09:25:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet

[2009-06-18 21:42:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2009-05-10 09:21:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2009-05-10 09:16:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2009-02-12 11:53:39 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji

[2009-08-08 10:51:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji

[2009-02-12 10:49:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji

[2009-08-08 08:23:13 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji

[2009-04-17 23:13:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Corel

[2009-08-08 08:23:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DefenseWall HIPS

[2009-04-17 18:10:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Gadu-Gadu

[2009-05-20 18:16:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\GARMIN

[2009-05-08 18:13:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\HCM Updater

[2009-05-10 09:18:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Nokia

[2009-04-24 09:37:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\OpenOffice.ux.pl

[2009-04-17 18:19:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Opera

[2009-05-10 09:16:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\PC Suite

[2009-05-18 09:00:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Thunderbird

2009-08-08 15:12:18 | 00,000,006 | -H-- | M -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >


(Leon$) #4

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

Kliknij w Run Fix. Zatwierdź restart komputera.

potem log z usuwania i nowy log OTL

:slight_smile:


(Lporazinski) #5

log z usuwania

All processes killed

========== OTL ==========

Process explorer.exe killed successfully!

Registry key HKEY_USERS\s-1-5-21-3174984377-1649888885-1636730511-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\braviax deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\UserFaultCheck deleted successfully.

Registry value HKEY_USERS.default\Software\Microsoft\Windows\CurrentVersion\Run\braviax deleted successfully.

Registry value HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\braviax not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_Dlls:cru629.dat deleted successfully.

Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_Dlls:FILES\QUI scheduled to be deleted on reboot.

========== FILES ==========

C:\WINDOWS\System32\braviax.exe moved successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.LUKASZ

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Łukasz

->Temp folder emptied: 25480 bytes

->Temporary Internet Files folder emptied: 131206 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 2542239 bytes

->Opera cache emptied: 84304038 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

Windows Temp folder emptied: 74752 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 83,12 mb

OTL by OldTimer - Version 3.0.10.5 log created on 08082009_234034

braviax.exe nadal jest ladowany podczas startu systemu / komp nadal muli


(Leon$) #6

:slight_smile:


(delf_) #7

a czasami nie masz jeszcze gdzieś na dysku pliku cru629.dat albo podobnego cruXXX.dat (XXX to kombinacja cyfr)?