Problem z uruchomieniem partycji

Oprogramowanie komputerowe Windows (ogólnie)
#1

Witam

mój problem może okazać się wam banalny, ale dla mnie jest bardzo uciążliwy :frowning: wszystko zaczęło się od zainstalowania avasta, od tego momentu “normalne” włączanie partycji (C i D) przez podwójne kliknięcie lewym przyciskiem nie działa, opcja “otwórz” z meni jakie się rozwija po kliknięciu prawym przyciskiem myszy także nie działa. Jedyne co umożliwia mi wejście do moich partycji to opcja eksploruj z wcześniej wspomnianego meni. Po odinstalowaniu avasta problem nadal pozostał :frowning:

i z tym wiąże się moje pytanie, czy można w jakiś sposób przywrócić “normalność” włączania partycji czy konieczny jest format, czego nie ukrywam nie chciałabym robić :?

z góry dziękuje za pomoc

pozdrawiam

#2

Ja mam avasta i nie było żadnego problemu. Wirus się wkradł. Pokaż logi z Hjacka This. I prosze administratorów o przeniesienie tematu do “Bezpieczeństwo i logi HjackThis”

#3

jeśli to masz na myśli to proszę, oto wynik działania Hijack This:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:46:01, on 2009-12-23

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime -Delay

O4 - HKLM…\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM…\Run: [internet Today Task] “C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe”

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe (file missing)

End of file - 4867 bytes

#4

W HiJackThis zanzacz te pozycje i daj Fix Checked

O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe (file missing)

O4 - HKLM…\Run: [internet Today Task] “C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe”

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

Po usunięciu tych wpisów prosze o ponowne wstawienie loga po czyszczeniu

#5

po czyszczeniu: (zaznaczam że “normalność” nie powróciła)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:02:12, on 2009-12-23

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\ALLPlayer\ALLUpdate.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime -Delay

O4 - HKLM…\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

End of file - 4408 bytes

#6

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) Jeszcze to wyrzuć

#7

Pobierz OTListIt2: http://www.searchengines.pl/index.php?s … =392369 przeskanuj daj log OTListIT.txt oraz Extras.txt.

:slight_smile:

#8

nadal nie działa:-/

log po kolejnym czyszczeniu:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:15:53, on 2009-12-23

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\ALLPlayer\ALLUpdate.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime -Delay

O4 - HKLM…\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

End of file - 4228 bytes

#9

Tak jak Leon$ poradził pobierz OTListit2 i daj dwa logi OTListIT.txt oraz Extras.txt

#10

z OTL.Txt: (przy okazji skąd wziąć Extras.txt??)

OTL logfile created on: 2009-12-23 22:19:35 - Run 3

OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie

Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

446,00 Mb Total Physical Memory | 109,00 Mb Available Physical Memory | 24,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 26,86 Gb Total Space | 10,97 Gb Free Space | 40,84% Space Free | Partition Type: NTFS

Drive D: | 29,03 Gb Total Space | 14,10 Gb Free Space | 48,59% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JUSTYNA-DEB6A12

Current User Name: Justyna

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (All) ==========

PRC - [2009-12-23 20:14:31 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2009-12-17 14:39:16 | 00,908,248 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-12-12 20:40:47 | 00,189,248 | ---- | M] () – C:\WINDOWS\system32\PnkBstrB.exe

PRC - [2009-12-12 20:40:35 | 00,075,064 | ---- | M] () – C:\WINDOWS\system32\PnkBstrA.exe

PRC - [2009-04-23 14:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) – C:\Program Files\DAEMON Tools Lite\daemon.exe

PRC - [2009-02-09 11:10:45 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe

PRC - [2009-02-06 17:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiprvse.exe

PRC - [2008-10-16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wuauclt.exe

PRC - [2006-03-14 10:01:40 | 16,010,752 | R— | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\RTHDCPL.exe

PRC - [2006-03-08 15:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe

PRC - [2006-03-03 06:07:38 | 00,761,946 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2006-03-02 13:00:00 | 00,504,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe

PRC - [2006-03-02 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe

PRC - [2006-03-02 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe

PRC - [2006-03-02 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe

PRC - [2006-03-02 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]

PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]

PRC - [2006-03-02 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wscntfy.exe

PRC - [2006-03-02 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe

PRC - [2006-03-02 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe

PRC - [2006-01-02 17:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) – C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

PRC - [2004-08-04 00:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) – C:\Program Files\Messenger\msmsgs.exe

========== Modules (All) ==========

MOD - [2009-12-23 20:14:31 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie\OTL.exe

MOD - [2009-04-29 05:53:39 | 00,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll

MOD - [2009-04-15 16:18:19 | 00,584,192 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll

MOD - [2009-03-21 15:21:24 | 01,014,784 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll

MOD - [2009-02-09 11:22:08 | 00,686,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll

MOD - [2009-02-09 11:22:06 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll

MOD - [2009-02-03 21:11:07 | 00,055,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll

MOD - [2008-10-23 14:01:37 | 00,283,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll

MOD - [2008-07-03 14:16:27 | 08,483,328 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll

MOD - [2006-03-02 13:00:00 | 01,281,024 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll

MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

MOD - [2006-03-02 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll

MOD - [2006-03-02 13:00:00 | 00,578,560 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll

MOD - [2006-03-02 13:00:00 | 00,553,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll

MOD - [2006-03-02 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll

MOD - [2006-03-02 13:00:00 | 00,294,400 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTF.dll

MOD - [2006-03-02 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll

MOD - [2006-03-02 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll

MOD - [2006-03-02 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv

MOD - [2006-03-02 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll

MOD - [2006-03-02 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll

MOD - [2006-03-02 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll

MOD - [2006-03-02 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] – -- (QuestService Service)

SRV - [2009-12-12 20:40:47 | 00,189,248 | ---- | M] () [Auto | Running] – C:\WINDOWS\system32\PnkBstrB.exe – (PnkBstrB)

SRV - [2009-12-12 20:40:35 | 00,075,064 | ---- | M] () [Auto | Running] – C:\WINDOWS\system32\PnkBstrA.exe – (PnkBstrA)

SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv)

SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)

SRV - [2006-03-08 15:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)

========== Driver Services (SafeList) ==========

DRV - [2009-05-24 13:31:49 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)

DRV - [2006-03-16 06:24:06 | 04,249,088 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2006-03-08 15:49:20 | 01,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)

DRV - [2006-03-03 05:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynTP.sys – (SynTP)

DRV - [2006-03-02 13:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)

DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)

DRV - [2006-01-25 03:44:52 | 00,488,448 | R— | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ar5211.sys – (AR5211)

DRV - [2005-10-24 03:20:52 | 00,218,496 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSFHWAZL.sys – (HSFHWAZL)

DRV - [2005-10-18 09:53:24 | 00,998,656 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_DPV.sys – (HSF_DPV)

DRV - [2005-10-18 09:52:30 | 00,721,280 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_CNXT.sys – (winachsf)

DRV - [2005-10-05 08:57:08 | 00,012,544 | R— | M] (Conexant) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\mdmxsdk.sys – (mdmxsdk)

DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)

DRV - [2004-08-03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com

IE - HKCU…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultengine: “Ask.com

FF - prefs.js…browser.search.defaultenginename: “Ask.com

FF - prefs.js…browser.search.order.1: “Ask.com

FF - prefs.js…browser.search.selectedEngine: “Google”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://www.google.pl/

FF - prefs.js…extensions.enabledItems: toolbar@ask.com:3.5.0.145

FF - prefs.js…extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0

FF - prefs.js…extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-12-19 21:26:32 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-19 21:26:37 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-03-18 22:15:36 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Extensions

[2009-12-23 11:34:23 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions

[2009-12-12 19:38:17 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions\battlefieldheroespatcher@ea.com

[2009-12-17 01:05:12 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions\DTToolbar@toolbarnet.com

[2009-11-25 00:03:19 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions\toolbar@ask.com

[2009-11-25 00:03:20 | 00,002,255 | ---- | M] () – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\searchplugins\askcom.xml

[2009-12-17 01:04:59 | 00,002,395 | ---- | M] () – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\searchplugins\daemon-search.xml

[2009-12-23 20:33:01 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions

[2009-10-16 19:45:02 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-10-16 19:45:02 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-10-16 19:45:02 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-10-16 19:45:02 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-11-30 22:33:41 | 00,002,405 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice127.xml

[2009-10-16 19:45:02 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-10-16 19:45:02 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM…\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKLM…\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [KernelFaultCheck] File not found

O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM…\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found

O4 - HKCU…\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh … wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.0.1 82.160.1.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-04-07 09:25:46 | 00,000,000 | —D | M] - C:\Autodesk – [NTFS]

O32 - AutoRun File - [2009-03-18 19:29:17 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O32 - AutoRun File - [2009-12-23 13:36:42 | 00,000,055 | RHS- | M] () - C:\autorun.inf – [NTFS]

O32 - AutoRun File - [2009-12-23 13:36:42 | 00,000,055 | RHS- | M] () - D:\autorun.inf – [NTFS]

O33 - MountPoints2{7fc1499d-13e9-11de-9bda-806d6172696f}\Shell\AutoRun\command - “” = 9ffp.exe

O33 - MountPoints2{7fc1499d-13e9-11de-9bda-806d6172696f}\Shell\open\Command - “” = 9ffp.exe

O33 - MountPoints2{7fc1499f-13e9-11de-9bda-806d6172696f}\Shell\AutoRun\command - “” = 9ffp.exe

O33 - MountPoints2{7fc1499f-13e9-11de-9bda-806d6172696f}\Shell\open\Command - “” = 9ffp.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] – “%1” %*

O35 - exefile [open] – “%1” %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-23 21:45:37 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro

[2009-12-23 13:30:29 | 00,000,000 | -HSD | C] – C:\Config.Msi

[2009-12-19 23:02:07 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Pulpit\kodeki

[2009-12-18 23:19:51 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-12-18 23:09:15 | 00,014,640 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\spmsg.dll

[2009-12-18 23:08:05 | 00,000,000 | —D | C] – C:\Program Files\Windows Media Connect 2

[2009-12-18 23:02:36 | 00,000,000 | —D | C] – C:\WINDOWS\System32\drivers\UMDF

[2009-12-17 01:38:50 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Moje dokumenty\FIFA 10

[2009-12-17 01:37:06 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\Leadertech

[2009-12-17 01:14:18 | 03,786,760 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\D3DX9_37.dll

[2009-12-17 01:14:14 | 03,727,720 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_35.dll

[2009-12-17 01:14:11 | 03,497,832 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_34.dll

[2009-12-17 01:14:07 | 00,081,768 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\xinput1_3.dll

[2009-12-17 01:14:03 | 03,495,784 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_33.dll

[2009-12-17 01:14:02 | 03,426,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_32.dll

[2009-12-17 01:14:02 | 02,414,360 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_31.dll

[2009-12-17 01:13:46 | 02,388,176 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_30.dll

[2009-12-17 01:13:46 | 02,332,368 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_29.dll

[2009-12-17 01:13:45 | 02,323,664 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_28.dll

[2009-12-17 01:13:45 | 02,319,568 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_27.dll

[2009-12-17 01:13:45 | 00,061,136 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\xinput9_1_0.dll

[2009-12-17 01:13:44 | 02,337,488 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_25.dll

[2009-12-17 01:13:44 | 02,297,552 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_26.dll

[2009-12-17 01:13:42 | 02,222,800 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_24.dll

[2009-12-17 01:04:48 | 00,000,000 | —D | C] – C:\Program Files\DAEMON Tools Lite

[2009-12-16 23:50:09 | 00,000,000 | —D | C] – C:\totalcmd

[2009-12-16 23:50:09 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\GHISLER

[2009-12-12 21:06:05 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Google

[2009-12-12 20:40:33 | 00,000,000 | —D | C] – C:\WINDOWS\System32\LogFiles

[2009-11-30 22:11:24 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Textual Content Provider

[2009-11-30 22:10:29 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Internet Today

[2009-11-30 22:10:21 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer

[2009-11-30 22:10:14 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer

[2009-11-30 22:10:09 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Web Search Operator

[2009-11-30 22:09:14 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar

[2009-11-29 20:28:52 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Pulpit\Tapety STALÓWKI

[2009-11-26 23:26:12 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\AskToolbar

[2009-11-24 23:58:26 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\BitTorrent

[2009-11-24 23:55:36 | 00,000,000 | —D | C] – C:\Program Files\Ask.com

[2009-11-24 23:55:12 | 00,000,000 | —D | C] – C:\Program Files\BitTorrent

[2009-10-10 21:58:00 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google

[2009-10-10 21:44:50 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google

[2009-04-11 14:49:37 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET

[2009-03-18 19:33:45 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[2009-03-18 19:33:23 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2009-03-18 19:33:23 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2004-11-24 20:25:52 | 00,335,872 | ---- | C] ( ) – C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 30 Days ==========

[2009-12-23 22:14:41 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2009-12-23 22:14:39 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2009-12-23 22:13:48 | 05,242,880 | -H-- | M] () – C:\Documents and Settings\Justyna\NTUSER.DAT

[2009-12-23 22:13:48 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\Justyna\ntuser.ini

[2009-12-23 22:01:03 | 00,000,238 | ---- | M] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2009-12-23 21:45:38 | 00,001,734 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\HijackThis.lnk

[2009-12-23 15:34:14 | 04,808,098 | -H-- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-12-23 15:17:12 | 00,002,596 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT

[2009-12-23 13:36:42 | 00,000,055 | RHS- | M] () – C:\autorun.inf

[2009-12-22 09:03:08 | 00,121,316 | RHS- | M] () – C:\nymdik.exe

[2009-12-20 19:28:05 | 00,120,315 | RHS- | M] () – C:\nx.exe

[2009-12-19 21:47:17 | 00,042,496 | ---- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-12-19 16:55:44 | 00,120,299 | RHS- | M] () – C:\yu3.exe

[2009-12-18 23:09:20 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK

[2009-12-18 23:09:02 | 00,023,392 | ---- | M] () – C:\WINDOWS\System32\nscompat.tlb

[2009-12-18 23:09:02 | 00,016,832 | ---- | M] () – C:\WINDOWS\System32\amcompat.tlb

[2009-12-18 23:08:37 | 00,000,507 | ---- | M] () – C:\WINDOWS\win.ini

[2009-12-18 23:05:17 | 00,316,640 | ---- | M] () – C:\WINDOWS\WMSysPr9.prx

[2009-12-18 23:02:54 | 00,000,000 | -H-- | M] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-12-17 23:59:58 | 00,000,600 | ---- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\PUTTY.RND

[2009-12-17 01:39:57 | 00,000,514 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\Skrót do FIFA10.lnk

[2009-12-17 01:36:40 | 00,001,446 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\FIFA 10.lnk

[2009-12-17 01:04:54 | 00,001,613 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2009-12-16 23:55:34 | 00,002,422 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2009-12-16 23:50:13 | 00,000,548 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\Total Commander.lnk

[2009-12-12 20:41:01 | 00,138,056 | ---- | M] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-12-12 20:41:01 | 00,138,056 | ---- | M] () – C:\Documents and Settings\Justyna\Dane aplikacji\PnkBstrK.sys

[2009-12-12 20:40:47 | 00,189,248 | ---- | M] () – C:\WINDOWS\System32\PnkBstrB.exe

[2009-12-12 20:40:35 | 00,075,064 | ---- | M] () – C:\WINDOWS\System32\PnkBstrA.exe

[2009-12-12 20:40:34 | 02,395,944 | ---- | M] () – C:\WINDOWS\System32\pbsvc_heroes.exe

[2009-12-10 08:38:13 | 00,119,009 | RHS- | M] () – C:\nqdymj.exe

[2009-11-29 18:23:13 | 00,115,191 | RHS- | M] () – C:\q3kku.exe

[2009-11-26 02:36:35 | 00,114,819 | RHS- | M] () – C:\wfx062.exe

[2009-11-24 00:27:14 | 00,113,508 | RHS- | M] () – C:\wu1n.exe

========== Files Created - No Company Name ==========

[2009-12-23 21:45:38 | 00,001,734 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\HijackThis.lnk

[2009-12-22 09:03:37 | 00,121,316 | RHS- | C] () – C:\nymdik.exe

[2009-12-19 17:47:18 | 00,120,315 | RHS- | C] () – C:\nx.exe

[2009-12-18 23:19:59 | 00,120,299 | RHS- | C] () – C:\yu3.exe

[2009-12-18 23:02:54 | 00,000,000 | -H-- | C] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-12-17 01:39:57 | 00,000,514 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\Skrót do FIFA10.lnk

[2009-12-17 01:36:40 | 00,001,446 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\FIFA 10.lnk

[2009-12-17 01:04:54 | 00,001,613 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2009-12-16 23:50:13 | 00,000,548 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\Total Commander.lnk

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\UC.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\RAR.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKZIP.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKUNZIP.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\NOCLOSE.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\LHA.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\ARJ.PIF

[2009-12-12 20:41:01 | 00,138,056 | ---- | C] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-12-12 20:41:01 | 00,138,056 | ---- | C] () – C:\Documents and Settings\Justyna\Dane aplikacji\PnkBstrK.sys

[2009-12-12 20:40:39 | 00,189,248 | ---- | C] () – C:\WINDOWS\System32\PnkBstrB.exe

[2009-12-12 20:40:35 | 00,075,064 | ---- | C] () – C:\WINDOWS\System32\PnkBstrA.exe

[2009-12-12 20:40:34 | 02,395,944 | ---- | C] () – C:\WINDOWS\System32\pbsvc_heroes.exe

[2009-12-10 08:38:44 | 00,119,009 | RHS- | C] () – C:\nqdymj.exe

[2009-11-29 18:23:41 | 00,115,191 | RHS- | C] () – C:\q3kku.exe

[2009-11-26 02:37:03 | 00,114,819 | RHS- | C] () – C:\wfx062.exe

[2009-11-24 23:55:47 | 00,000,238 | ---- | C] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2009-11-24 00:27:41 | 00,113,508 | RHS- | C] () – C:\wu1n.exe

[2009-10-22 15:21:20 | 00,000,600 | ---- | C] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\PUTTY.RND

[2009-10-10 21:28:34 | 00,795,648 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll

[2009-10-10 21:18:56 | 00,168,448 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2009-05-24 13:24:55 | 00,721,904 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys

[2009-05-17 14:04:01 | 00,000,059 | ---- | C] () – C:\WINDOWS\wininit.ini

[2009-03-18 22:09:19 | 00,042,496 | ---- | C] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-03-18 20:11:07 | 00,000,427 | ---- | C] () – C:\WINDOWS\ODBC.INI

[2008-06-22 18:34:00 | 00,177,664 | ---- | C] () – C:\WINDOWS\System32\ff_theora.dll

[2006-12-12 17:24:42 | 00,012,288 | ---- | C] () – C:\WINDOWS\System32\DivXWMPExtType.dll

[2006-03-02 13:00:00 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys

[2004-10-03 18:50:54 | 00,129,024 | ---- | C] () – C:\WINDOWS\System32\ff_mpeg2enc.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9494338C

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D56F6BEE

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:592D7272

< End of report >

#11

Wylecz pendriva lub kartę pamięci http://www.softpedia.com/get/Security/S … Tool.shtml

Flash Disinfector http://www.searchengines.pl/index.php?s … ntry369724

lub format

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

Kliknij w Run Fix. Zatwierdź restart komputera.

potem nowy scan OTL i pokaż log

:slight_smile:

#12

dzięki Wszystkim za pomocne rady =D> . Po wykonaniu ostatniej wskazówki wszystko działa bez problemu, “normalność” powróciła :smiley:

p.s.życzę Wam Wesołych Świąt:)

dla formalności najnowszy log po wprowadzeniu wcześniej wspomnianej wskazówki w życie:

OTL logfile created on: 2009-12-23 22:55:20 - Run 4

OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie

Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

446,00 Mb Total Physical Memory | 102,00 Mb Available Physical Memory | 23,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 26,86 Gb Total Space | 11,03 Gb Free Space | 41,07% Space Free | Partition Type: NTFS

Drive D: | 29,03 Gb Total Space | 14,10 Gb Free Space | 48,59% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JUSTYNA-DEB6A12

Current User Name: Justyna

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-12-23 20:14:31 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2009-12-17 14:39:16 | 00,908,248 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-12-12 20:40:47 | 00,189,248 | ---- | M] () – C:\WINDOWS\system32\PnkBstrB.exe

PRC - [2009-12-12 20:40:35 | 00,075,064 | ---- | M] () – C:\WINDOWS\system32\PnkBstrA.exe

PRC - [2009-06-04 21:56:22 | 00,869,888 | ---- | M] () – C:\Program Files\ALLPlayer\ALLUpdate.exe

PRC - [2009-04-23 14:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) – C:\Program Files\DAEMON Tools Lite\daemon.exe

PRC - [2009-02-27 16:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files\Adobe\Reader 9.1\Reader\reader_sl.exe

PRC - [2006-03-14 10:01:40 | 16,010,752 | R— | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\RTHDCPL.exe

PRC - [2006-03-08 15:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe

PRC - [2006-03-03 06:07:38 | 00,761,946 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2006-03-02 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wscntfy.exe

PRC - [2006-01-02 17:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) – C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

========== Modules (SafeList) ==========

MOD - [2009-12-23 20:14:31 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Justyna\Moje dokumenty\Pobieranie\OTL.exe

MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2009-12-12 20:40:47 | 00,189,248 | ---- | M] () [Auto | Running] – C:\WINDOWS\system32\PnkBstrB.exe – (PnkBstrB)

SRV - [2009-12-12 20:40:35 | 00,075,064 | ---- | M] () [Auto | Running] – C:\WINDOWS\system32\PnkBstrA.exe – (PnkBstrA)

SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv)

SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)

SRV - [2006-03-08 15:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)

========== Driver Services (SafeList) ==========

DRV - [2009-05-24 13:31:49 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)

DRV - [2006-03-16 06:24:06 | 04,249,088 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2006-03-08 15:49:20 | 01,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)

DRV - [2006-03-03 05:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynTP.sys – (SynTP)

DRV - [2006-03-02 13:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)

DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)

DRV - [2006-01-25 03:44:52 | 00,488,448 | R— | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ar5211.sys – (AR5211)

DRV - [2005-10-24 03:20:52 | 00,218,496 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSFHWAZL.sys – (HSFHWAZL)

DRV - [2005-10-18 09:53:24 | 00,998,656 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_DPV.sys – (HSF_DPV)

DRV - [2005-10-18 09:52:30 | 00,721,280 | R— | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_CNXT.sys – (winachsf)

DRV - [2005-10-05 08:57:08 | 00,012,544 | R— | M] (Conexant) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\mdmxsdk.sys – (mdmxsdk)

DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)

DRV - [2004-08-03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com

IE - HKCU…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultengine: “”

FF - prefs.js…browser.search.defaultenginename: “”

FF - prefs.js…browser.search.order.1: “”

FF - prefs.js…browser.search.selectedEngine: “Google”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://www.google.pl/

FF - prefs.js…extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0

FF - prefs.js…extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-12-19 21:26:32 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-19 21:26:37 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-03-18 22:15:36 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Extensions

[2009-12-23 22:53:54 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions

[2009-12-12 19:38:17 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions\battlefieldheroespatcher@ea.com

[2009-12-17 01:05:12 | 00,000,000 | —D | M] – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\extensions\DTToolbar@toolbarnet.com

[2009-12-17 01:04:59 | 00,002,395 | ---- | M] () – C:\Documents and Settings\Justyna\Dane aplikacji\Mozilla\Firefox\Profiles\cqrd5kwu.default\searchplugins\daemon-search.xml

[2009-12-23 20:33:01 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions

[2009-10-16 19:45:02 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-10-16 19:45:02 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-10-16 19:45:02 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-10-16 19:45:02 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-11-30 22:33:41 | 00,002,405 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice127.xml

[2009-10-16 19:45:02 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-10-16 19:45:02 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM…\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (Conduit Ltd.)

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.1\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKLM…\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [KernelFaultCheck] File not found

O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM…\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKCU…\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh … wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.0.1 82.160.1.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-04-07 09:25:46 | 00,000,000 | —D | M] - C:\Autodesk – [NTFS]

O32 - AutoRun File - [2009-03-18 19:29:17 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] – “%1” %*

O35 - exefile [open] – “%1” %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-23 22:51:45 | 00,000,000 | —D | C] – C:_OTL

[2009-12-23 21:45:37 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro

[2009-12-23 13:30:29 | 00,000,000 | -HSD | C] – C:\Config.Msi

[2009-12-19 23:02:07 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Pulpit\kodeki

[2009-12-18 23:19:51 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-12-18 23:09:15 | 00,014,640 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\spmsg.dll

[2009-12-18 23:08:05 | 00,000,000 | —D | C] – C:\Program Files\Windows Media Connect 2

[2009-12-18 23:02:36 | 00,000,000 | —D | C] – C:\WINDOWS\System32\drivers\UMDF

[2009-12-17 01:38:50 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Moje dokumenty\FIFA 10

[2009-12-17 01:37:06 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\Leadertech

[2009-12-17 01:14:18 | 03,786,760 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\D3DX9_37.dll

[2009-12-17 01:14:14 | 03,727,720 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_35.dll

[2009-12-17 01:14:11 | 03,497,832 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_34.dll

[2009-12-17 01:14:07 | 00,081,768 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\xinput1_3.dll

[2009-12-17 01:14:03 | 03,495,784 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_33.dll

[2009-12-17 01:14:02 | 03,426,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_32.dll

[2009-12-17 01:14:02 | 02,414,360 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_31.dll

[2009-12-17 01:13:46 | 02,388,176 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_30.dll

[2009-12-17 01:13:46 | 02,332,368 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_29.dll

[2009-12-17 01:13:45 | 02,323,664 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_28.dll

[2009-12-17 01:13:45 | 02,319,568 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_27.dll

[2009-12-17 01:13:45 | 00,061,136 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\xinput9_1_0.dll

[2009-12-17 01:13:44 | 02,337,488 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_25.dll

[2009-12-17 01:13:44 | 02,297,552 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_26.dll

[2009-12-17 01:13:42 | 02,222,800 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\d3dx9_24.dll

[2009-12-17 01:04:48 | 00,000,000 | —D | C] – C:\Program Files\DAEMON Tools Lite

[2009-12-16 23:50:09 | 00,000,000 | —D | C] – C:\totalcmd

[2009-12-16 23:50:09 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\GHISLER

[2009-12-12 21:06:05 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Google

[2009-12-12 20:40:33 | 00,000,000 | —D | C] – C:\WINDOWS\System32\LogFiles

[2009-11-29 20:28:52 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Pulpit\Tapety STALÓWKI

[2009-11-24 23:58:26 | 00,000,000 | —D | C] – C:\Documents and Settings\Justyna\Dane aplikacji\BitTorrent

[2009-11-24 23:55:12 | 00,000,000 | —D | C] – C:\Program Files\BitTorrent

[2009-10-10 21:58:00 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google

[2009-10-10 21:44:50 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google

[2009-04-11 14:49:37 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET

[2009-03-18 19:33:45 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[2009-03-18 19:33:23 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2009-03-18 19:33:23 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2004-11-24 20:25:52 | 00,335,872 | ---- | C] ( ) – C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 30 Days ==========

[2009-12-23 22:52:55 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2009-12-23 22:52:53 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2009-12-23 22:52:05 | 05,242,880 | -H-- | M] () – C:\Documents and Settings\Justyna\NTUSER.DAT

[2009-12-23 22:52:05 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\Justyna\ntuser.ini

[2009-12-23 21:45:38 | 00,001,734 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\HijackThis.lnk

[2009-12-23 15:34:14 | 04,808,098 | -H-- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-12-23 15:17:12 | 00,002,596 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT

[2009-12-19 21:47:17 | 00,042,496 | ---- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-12-18 23:09:20 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK

[2009-12-18 23:09:02 | 00,023,392 | ---- | M] () – C:\WINDOWS\System32\nscompat.tlb

[2009-12-18 23:09:02 | 00,016,832 | ---- | M] () – C:\WINDOWS\System32\amcompat.tlb

[2009-12-18 23:08:37 | 00,000,507 | ---- | M] () – C:\WINDOWS\win.ini

[2009-12-18 23:05:17 | 00,316,640 | ---- | M] () – C:\WINDOWS\WMSysPr9.prx

[2009-12-18 23:02:54 | 00,000,000 | -H-- | M] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-12-17 23:59:58 | 00,000,600 | ---- | M] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\PUTTY.RND

[2009-12-17 01:39:57 | 00,000,514 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\Skrót do FIFA10.lnk

[2009-12-17 01:36:40 | 00,001,446 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\FIFA 10.lnk

[2009-12-17 01:04:54 | 00,001,613 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2009-12-16 23:55:34 | 00,002,422 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2009-12-16 23:50:13 | 00,000,548 | ---- | M] () – C:\Documents and Settings\Justyna\Pulpit\Total Commander.lnk

[2009-12-12 20:41:01 | 00,138,056 | ---- | M] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-12-12 20:41:01 | 00,138,056 | ---- | M] () – C:\Documents and Settings\Justyna\Dane aplikacji\PnkBstrK.sys

[2009-12-12 20:40:47 | 00,189,248 | ---- | M] () – C:\WINDOWS\System32\PnkBstrB.exe

[2009-12-12 20:40:35 | 00,075,064 | ---- | M] () – C:\WINDOWS\System32\PnkBstrA.exe

[2009-12-12 20:40:34 | 02,395,944 | ---- | M] () – C:\WINDOWS\System32\pbsvc_heroes.exe

========== Files Created - No Company Name ==========

[2009-12-23 21:45:38 | 00,001,734 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\HijackThis.lnk

[2009-12-18 23:02:54 | 00,000,000 | -H-- | C] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-12-17 01:39:57 | 00,000,514 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\Skrót do FIFA10.lnk

[2009-12-17 01:36:40 | 00,001,446 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\FIFA 10.lnk

[2009-12-17 01:04:54 | 00,001,613 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2009-12-16 23:50:13 | 00,000,548 | ---- | C] () – C:\Documents and Settings\Justyna\Pulpit\Total Commander.lnk

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\UC.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\RAR.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKZIP.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKUNZIP.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\NOCLOSE.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\LHA.PIF

[2009-12-16 23:50:09 | 00,000,545 | ---- | C] () – C:\WINDOWS\ARJ.PIF

[2009-12-12 20:41:01 | 00,138,056 | ---- | C] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-12-12 20:41:01 | 00,138,056 | ---- | C] () – C:\Documents and Settings\Justyna\Dane aplikacji\PnkBstrK.sys

[2009-12-12 20:40:39 | 00,189,248 | ---- | C] () – C:\WINDOWS\System32\PnkBstrB.exe

[2009-12-12 20:40:35 | 00,075,064 | ---- | C] () – C:\WINDOWS\System32\PnkBstrA.exe

[2009-12-12 20:40:34 | 02,395,944 | ---- | C] () – C:\WINDOWS\System32\pbsvc_heroes.exe

[2009-10-22 15:21:20 | 00,000,600 | ---- | C] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\PUTTY.RND

[2009-10-10 21:28:34 | 00,795,648 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll

[2009-10-10 21:18:56 | 00,168,448 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2009-05-24 13:24:55 | 00,721,904 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys

[2009-05-17 14:04:01 | 00,000,059 | ---- | C] () – C:\WINDOWS\wininit.ini

[2009-03-18 22:09:19 | 00,042,496 | ---- | C] () – C:\Documents and Settings\Justyna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-03-18 20:11:07 | 00,000,427 | ---- | C] () – C:\WINDOWS\ODBC.INI

[2008-06-22 18:34:00 | 00,177,664 | ---- | C] () – C:\WINDOWS\System32\ff_theora.dll

[2006-12-12 17:24:42 | 00,012,288 | ---- | C] () – C:\WINDOWS\System32\DivXWMPExtType.dll

[2006-03-02 13:00:00 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys

[2004-10-03 18:50:54 | 00,129,024 | ---- | C] () – C:\WINDOWS\System32\ff_mpeg2enc.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9494338C

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D56F6BEE

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:592D7272

< End of report >

#13

Log wygląda na czysty

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

zrób optymalizacje uruchamiania

http://cybertrash.netarteria.pl/cyber/i … 378.0.html

W OTL kilknij CleanUp

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html gdy będą wirusy pokaż raport

lub

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

:slight_smile: