Problem z usunięciem Gameztar toolbar

klony71 · 21 Grudzień 2009 08:32

Witam, przez przypadek zainstalowałem Gameztar toolbar i pomimo usunięcia tego programu z dysku w firefoxe wciąż wyskakują mi reklamy otwierające się w nowym oknie. Nie mam pojęcia jak to usunąć…pozdrawiam

tutaj są logi:

OTL: http://wklej.org/id/242264/

EXTRAS: http://wklej.org/id/242266/

deFco247 · 21 Grudzień 2009 10:06

W białe dolne okno Custom Scans/Fixes w OTL wklej:

:Processes Explorer.EXE :OTL PRC - [2009-12-17 14:43:34 | 00,348,160 | ---- | M] () – C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe FF - prefs.js…extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080 FF - prefs.js…extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290 FF - prefs.js…extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960 FF - HKLM\software\mozilla\Firefox\extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-19 17:01:46 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF [2009-12-19 17:01:50 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF [2009-12-19 17:01:59 | 00,000,000 | —D | M] O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll () O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll () O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\WSO.dll () O4 - HKLM…\Run: [GEST] File not found [2009-12-19 17:02:43 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Textual Content Provider [2009-12-19 17:02:37 | 00,000,000 | —D | C] – C:\Program Files\QuestService [2009-12-19 17:02:37 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\QuestService [2009-12-19 17:02:29 | 00,000,000 | —D | C] – C:\Program Files\Textual Content Provider [2009-12-19 17:02:21 | 00,000,000 | —D | C] – C:\Program Files\Content Management Wizard [2009-12-19 17:02:10 | 00,000,000 | —D | C] – C:\Program Files\Internet Today [2009-12-19 17:02:10 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Internet Today [2009-12-19 17:01:59 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer [2009-12-19 17:01:58 | 00,000,000 | —D | C] – C:\Program Files\Customized Platform Advancer [2009-12-19 17:01:51 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer [2009-12-19 17:01:50 | 00,000,000 | —D | C] – C:\Program Files\Automated Content Enhancer [2009-12-19 17:01:46 | 00,000,000 | —D | C] – C:\Program Files\Web Search Operator [2009-12-19 17:01:46 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Web Search Operator [2009-12-19 17:01:23 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar :Commands [emptytemp] [start explorer]

Run Fix. Restart, jeśli będzie potrzebny.

Potem log z usuwania oraz nowy log robiony opcją Run Scan.

Dodatkowo wklej log z System Repair Engineer.

klony71 · 21 Grudzień 2009 16:53

"

All processes killed

========== PROCESSES ==========

No active process named Explorer.EXE was found!

========== OTL ==========

No active process named InternetToday.exe was found!

Prefs.js: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080 removed from extensions.enabledItems

Prefs.js: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290 removed from extensions.enabledItems

Prefs.js: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960 removed from extensions.enabledItems

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{E63605FC-D583-4C81-867F-9457BDB3EA1B}\ not found.

C:\Program Files\Web Search Operator\4.1.0.2080\FF\components folder moved successfully.

C:\Program Files\Web Search Operator\4.1.0.2080\FF\chrome\content folder moved successfully.

C:\Program Files\Web Search Operator\4.1.0.2080\FF\chrome folder moved successfully.

C:\Program Files\Web Search Operator\4.1.0.2080\FF folder moved successfully.

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8141440E-08F0-4339-9959-5C31C6A69F23} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{8141440E-08F0-4339-9959-5C31C6A69F23}\ not found.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF\components folder moved successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF\chrome\content folder moved successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF\chrome folder moved successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF folder moved successfully.

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{E889F097-B0BE-471B-89AD-B86B6F04B506}\ not found.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF\components folder moved successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF\chrome\content folder moved successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF\chrome folder moved successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF folder moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{42C7C39F-3128-4a17-BDB7-91C46032B5B9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42C7C39F-3128-4a17-BDB7-91C46032B5B9}\ deleted successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ deleted successfully.

C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ deleted successfully.

C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ deleted successfully.

C:\Program Files\Web Search Operator\4.1.0.2080\WSO.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\GEST deleted successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810 folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Textual Content Provider folder moved successfully.

C:\Program Files\QuestService folder moved successfully.

C:\Documents and Settings\All Users\Dane aplikacji\QuestService folder moved successfully.

C:\Program Files\Textual Content Provider\1.1.0.1810\data folder moved successfully.

C:\Program Files\Textual Content Provider\1.1.0.1810 folder moved successfully.

C:\Program Files\Textual Content Provider folder moved successfully.

C:\Program Files\Content Management Wizard\1.1.0.1990 folder moved successfully.

C:\Program Files\Content Management Wizard folder moved successfully.

C:\Program Files\Internet Today\1.1.0.1260 folder moved successfully.

C:\Program Files\Internet Today folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Internet Today folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960 folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer folder moved successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960\Data folder moved successfully.

C:\Program Files\Customized Platform Advancer\4.1.0.1960 folder moved successfully.

C:\Program Files\Customized Platform Advancer folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290 folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer folder moved successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290\Data folder moved successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5290 folder moved successfully.

C:\Program Files\Automated Content Enhancer folder moved successfully.

C:\Program Files\Web Search Operator\4.1.0.2080\Data folder moved successfully.

C:\Program Files\Web Search Operator\4.1.0.2080 folder moved successfully.

C:\Program Files\Web Search Operator folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Web Search Operator\4.1.0.2080 folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Web Search Operator folder moved successfully.

C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: klony

->Temp folder emptied: 917608 bytes

->Temporary Internet Files folder emptied: 57448535 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 82921841 bytes

User: LocalService

->Temp folder emptied: 65984 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

Windows Temp folder emptied: 32768 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 135,00 mb

OTL by OldTimer - Version 3.1.19.0 log created on 12212009_174914

Files\Folders moved on Reboot…

File move failed. C:\WINDOWS\temp_avast4_\Webshlock.txt scheduled to be moved on reboot.

File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7b4.dat not found!

Registry entries deleted on Reboot…

"

Leon1 · 21 Grudzień 2009 16:54

klony71 · 21 Grudzień 2009 16:56

OTL logfile created on: 2009-12-21 17:54:17 - Run 2

OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\klony\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free

5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 97,65 Gb Total Space | 65,14 Gb Free Space | 66,71% Space Free | Partition Type: NTFS

Drive D: | 368,10 Gb Total Space | 230,16 Gb Free Space | 62,53% Space Free | Partition Type: NTFS

Drive E: | 7,28 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: KLONY-38B8A835D

Current User Name: klony

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (All) ==========

PRC - [2009-12-20 15:24:56 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klony\Pulpit\OTL.exe

PRC - [2009-11-25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) – D:\Programy\Alwil Software\Avast4\ashDisp.exe

PRC - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) – D:\Programy\Alwil Software\Avast4\ashServ.exe

PRC - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) – D:\Programy\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) – D:\Programy\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) – D:\Programy\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009-11-07 09:49:28 | 00,323,392 | ---- | M] (BitTorrent, Inc.) – C:\Program Files\DNA\btdna.exe

PRC - [2009-10-11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jusched.exe

PRC - [2009-10-11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wuauclt.exe

PRC - [2009-03-08 14:09:31 | 00,066,872 | ---- | M] () – C:\WINDOWS\system32\PnkBstrA.exe

PRC - [2009-03-05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) – D:\Programy\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2009-02-09 12:25:57 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe

PRC - [2009-02-06 11:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiprvse.exe

PRC - [2008-12-01 21:38:42 | 00,598,016 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe

PRC - [2008-10-18 17:28:51 | 00,068,856 | ---- | M] (Google Inc.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2008-09-25 16:46:20 | 00,307,712 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2008-09-02 11:48:12 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) – C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

PRC - [2008-09-02 11:40:46 | 00,049,152 | ---- | M] (ATI Technologies Inc.) – C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

PRC - [2008-08-21 02:18:00 | 00,443,968 | ---- | M] (Google Inc.) – D:\Programy\Picasa2\PicasaMediaDetector.exe

PRC - [2008-08-04 00:02:20 | 00,036,352 | ---- | M] () – D:\Programy\Winamp\winampa.exe

PRC - [2008-05-13 17:07:24 | 00,080,392 | ---- | M] () – C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe

PRC - [2008-05-07 08:39:52 | 16,862,208 | R— | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\RTHDCPL.exe

PRC - [2008-04-15 13:00:00 | 01,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2008-04-15 13:00:00 | 00,510,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-15 13:00:00 | 00,126,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiapsrv.exe

PRC - [2008-04-15 13:00:00 | 00,070,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\NOTEPAD.EXE

PRC - [2008-04-15 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-15 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe

PRC - [2008-04-15 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe

PRC - [2008-04-15 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]

PRC - [2008-04-15 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]

PRC - [2008-04-15 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-15 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe

PRC - [2008-03-20 11:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) – D:\Programy\Gadu-Gadu\gg.exe

PRC - [2007-07-24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) – C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

PRC - [2007-05-17 16:08:14 | 00,661,776 | ---- | M] (IVT Corporation.) – D:\Programy\IVT Corporation\BlueSoleil\BlueSoleil.exe

PRC - [2007-02-23 15:32:56 | 00,126,976 | ---- | M] (SAMSUNG ELECTRONICS) – D:\Programy\samsung\SMSTray.exe

PRC - [2007-01-30 19:36:30 | 00,057,344 | ---- | M] ((주)마크애니) – C:\Program Files\MarkAny\ContentSafer\MaAgent.exe

PRC - [2007-01-04 19:48:52 | 00,112,152 | R— | M] (InterVideo) – C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

PRC - [2006-03-20 20:43:16 | 00,331,776 | ---- | M] () – C:\Program Files\AGEIA Technologies\TrayIcon.exe

========== Modules (All) ==========

MOD - [2009-12-20 15:24:56 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klony\Pulpit\OTL.exe

MOD - [2009-06-25 09:27:54 | 00,056,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll

MOD - [2009-04-15 15:54:38 | 00,585,216 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll

MOD - [2009-03-21 15:08:59 | 01,018,368 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll

MOD - [2009-02-09 11:53:44 | 00,686,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll

MOD - [2009-02-09 11:53:43 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll

MOD - [2008-10-23 13:42:41 | 00,286,720 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll

MOD - [2008-06-17 20:03:15 | 08,489,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-15 13:00:00 | 01,287,168 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-15 13:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2008-04-15 13:00:00 | 00,997,888 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-15 13:00:00 | 00,732,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll

MOD - [2008-04-15 13:00:00 | 00,580,096 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll

MOD - [2008-04-15 13:00:00 | 00,551,936 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-15 13:00:00 | 00,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll

MOD - [2008-04-15 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-15 13:00:00 | 00,297,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTF.dll

MOD - [2008-04-15 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-15 13:00:00 | 00,185,344 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll

MOD - [2008-04-15 13:00:00 | 00,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTFIME.IME

MOD - [2008-04-15 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-15 13:00:00 | 00,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll

MOD - [2008-04-15 13:00:00 | 00,084,992 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-15 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-15 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-15 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll

MOD - [2004-11-24 19:58:24 | 00,163,840 | ---- | M] (MarkAny Co., Ltd.) – C:\Program Files\MarkAny\ContentSafer\MaCSProHook.dll

========== Win32 Services (SafeList) ==========

SRV - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] – D:\Programy\Alwil Software\Avast4\ashServ.exe – (avast! Antivirus)

SRV - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] – D:\Programy\Alwil Software\Avast4\ashMaiSv.exe – (avast! Mail Scanner)

SRV - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] – D:\Programy\Alwil Software\Avast4\ashWebSv.exe – (avast! Web Scanner)

SRV - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] – D:\Programy\Alwil Software\Avast4\aswUpdSv.exe – (aswUpdSv)

SRV - [2009-10-11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService)

SRV - [2009-04-24 20:46:59 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe – (gusvc)

SRV - [2009-03-08 14:09:31 | 00,066,872 | ---- | M] () [Auto | Running] – C:\WINDOWS\system32\PnkBstrA.exe – (PnkBstrA)

SRV - [2008-12-01 21:38:42 | 00,598,016 | ---- | M] (ATI Technologies Inc.) [Auto | Running] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)

SRV - [2008-12-01 14:35:00 | 00,593,920 | ---- | M] () [Auto | Stopped] – C:\WINDOWS\system32\ati2sgag.exe – (ATI Smart)

SRV - [2008-05-13 17:07:24 | 00,080,392 | ---- | M] () [Auto | Running] – C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe – (GEST Service)

SRV - [2007-07-24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] – C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe – (PSI_SVC_2)

SRV - [2007-01-04 19:48:52 | 00,112,152 | R— | M] (InterVideo) [Auto | Running] – C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe – (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2009-12-21 17:51:04 | 00,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\gdrv.sys – (gdrv)

DRV - [2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\aswmon2.sys – (aswMon2)

DRV - [2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aswSP.sys – (aswSP)

DRV - [2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\aswFsBlk.sys – (aswFsBlk)

DRV - [2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aswTdi.sys – (aswTdi)

DRV - [2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\aswRdr.sys – (aswRdr)

DRV - [2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aavmker4.sys – (Aavmker4)

DRV - [2008-12-01 23:13:40 | 03,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)

DRV - [2008-10-10 17:33:34 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2008-07-31 23:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)

DRV - [2008-05-07 12:21:40 | 04,739,072 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008-04-15 13:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\hdaudbus.sys – (HDAudBus)

DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)

DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)

DRV - [2008-04-15 13:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\rootmdm.sys – (ROOTMODEM)

DRV - [2008-01-03 15:10:16 | 00,105,856 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)

DRV - [2007-11-14 08:48:20 | 00,084,992 | R— | M] (ATI Research Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\AtiHdmi.sys – (AtiHdmiService)

DRV - [2007-05-11 02:10:50 | 00,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\blueletaudio.sys – (BlueletAudio)

DRV - [2007-05-09 00:59:40 | 00,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\btcusb.sys – (Btcsrusb)

DRV - [2007-04-17 20:09:28 | 00,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\regi.sys – (regi)

DRV - [2007-03-05 05:00:04 | 00,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys – (BlueletSCOAudio)

DRV - [2007-03-05 04:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\btnetdrv.sys – (BT)

DRV - [2007-03-05 04:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\BTHidMgr.sys – (BTHidMgr)

DRV - [2007-03-05 04:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\vbtenum.sys – (BTHidEnum)

DRV - [2007-03-05 04:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\VcommMgr.sys – (VcommMgr)

DRV - [2007-03-05 04:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\VComm.sys – (VComm)

DRV - [2006-11-21 21:41:18 | 00,022,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] – D:\Programy\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys – (BTNetFilter)

DRV - [2005-09-20 17:27:20 | 00,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\iviaspi.sys – (Iviaspi)

DRV - [2002-04-26 12:04:16 | 00,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\KMM4XNT.SYS – (Kmm4xNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.startup.homepage: “www.google.pl”

FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-12-20 11:40:32 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-20 11:40:27 | 00,000,000 | —D | M]

[2009-12-20 11:40:32 | 00,000,000 | —D | M] – C:\Documents and Settings\klony\Dane aplikacji\Mozilla\Extensions

[2009-08-07 21:35:36 | 00,000,000 | —D | M] – C:\Documents and Settings\klony\Dane aplikacji\Mozilla\Extensions\MediaCoder

[2009-12-20 11:41:30 | 00,000,000 | —D | M] – C:\Documents and Settings\klony\Dane aplikacji\Mozilla\Firefox\Profiles\y9w3p90o.default\extensions

[2009-12-20 11:40:28 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions

[2006-06-03 17:43:22 | 00,000,896 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2008-04-03 18:19:08 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2007-03-31 18:11:54 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2006-06-03 17:43:22 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2008-03-28 22:36:04 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2007-01-05 12:40:56 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - No CLSID value found.

O2 - BHO: (no name) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - No CLSID value found.

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (no name) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - No CLSID value found.

O2 - BHO: (no name) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - No CLSID value found.

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (no name) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - No CLSID value found.

O3 - HKLM…\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU…\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM…\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe ()

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [avast!] D:\Programy\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM…\Run: [internet Today Task] C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe File not found

O4 - HKLM…\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MaAgent.exe ((주)마크애니)

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM…\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [sMSTray] D:\Programy\samsung\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM…\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM…\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe ()

O4 - HKCU…\Run: [bitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)

O4 - HKCU…\Run: [Gadu-Gadu] D:\Programy\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)

O4 - HKCU…\Run: [Picasa Media Detector] D:\Programy\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKCU…\Run: [RGSC] D:\Gry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found

O4 - HKCU…\Run: [spybotSD TeaTimer] D:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BlueSoleil.lnk = D:\Programy\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Programy\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki… - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)

O8 - Extra context menu item: Pobierz z &BitSpirit - D:\Programy\BitSpirit\bsurl.htm ()

O9 - Extra ‘Tools’ menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … mv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl … rashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.228.7.228 217.172.224.160

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-10-09 19:28:07 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O32 - AutoRun File - [2007-07-16 02:07:53 | 00,000,044 | R— | M] () - E:\Autorun.inf – [CDFS]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] – “%1” %*

O35 - exefile [open] – “%1” %*

========== Files/Folders - Created Within 30 Days ==========

File not found – C:\Documents and Settings\klony\Moje dokumenty\klony.

[2009-12-21 17:49:14 | 00,000,000 | —D | C] – C:_OTL

[2009-12-20 15:24:56 | 00,513,536 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\klony\Pulpit\OTL.exe

[2009-12-20 11:40:27 | 00,000,000 | —D | C] – C:\Program Files\Mozilla Firefox

[2009-12-20 10:14:45 | 00,000,000 | RH-D | C] – C:\Documents and Settings\klony\Recent

[2009-12-16 16:18:23 | 00,000,000 | —D | C] – C:\Documents and Settings\klony\Pulpit\czysta krew

[2009-01-29 18:34:35 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google

[2009-01-23 16:14:20 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-10-09 19:30:02 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-10-09 19:28:05 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2008-10-09 19:28:05 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

========== Files - Modified Within 30 Days ==========

File not found – C:\Documents and Settings\klony\Moje dokumenty\klony.

[2009-12-21 17:51:04 | 00,016,608 | ---- | M] (Windows ® 2000 DDK provider) – C:\WINDOWS\gdrv.sys

[2009-12-21 17:50:49 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2009-12-21 17:50:45 | 00,069,112 | ---- | M] () – C:\WINDOWS\System32\ativvaxx.cap

[2009-12-21 17:50:45 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2009-12-21 17:49:39 | 06,029,312 | -H-- | M] () – C:\Documents and Settings\klony\NTUSER.DAT

[2009-12-21 17:49:39 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\klony\ntuser.ini

[2009-12-20 15:56:13 | 00,000,116 | ---- | M] () – C:\WINDOWS\NeroDigital.ini

[2009-12-20 15:24:56 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klony\Pulpit\OTL.exe

[2009-12-20 12:07:05 | 00,019,696 | ---- | M] () – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2009-12-20 12:06:54 | 00,125,320 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT

[2009-12-20 11:40:29 | 00,001,602 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2009-12-20 10:09:02 | 00,490,628 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat

[2009-12-20 10:09:02 | 00,083,880 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat

[2009-12-20 10:09:01 | 01,087,700 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI

[2009-12-20 10:09:01 | 00,432,492 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat

[2009-12-20 10:09:01 | 00,067,448 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat

[2009-12-20 00:07:09 | 00,000,619 | ---- | M] () – C:\Documents and Settings\klony\Pulpit\CCleaner.lnk

[2009-12-19 12:15:18 | 00,212,480 | ---- | M] () – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-12-08 16:34:13 | 00,002,422 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2009-12-02 16:23:54 | 00,002,645 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT

[2009-11-29 13:53:14 | 00,110,592 | ---- | M] () – C:\Documents and Settings\klony\Pulpit\urlop.doc

[2009-11-25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\aswBoot.exe

[2009-11-25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon.sys

[2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon2.sys

[2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswSP.sys

[2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswTdi.sys

[2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswRdr.sys

[2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aavmker4.sys

[2009-11-25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\AvastSS.scr

[2009-11-21 19:22:03 | 00,028,013 | ---- | M] () – C:\Documents and Settings\klony\Dane aplikacji\OFMissionEditorConfig.xml

========== Files Created - No Company Name ==========

[2009-12-20 11:40:29 | 00,001,602 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2009-12-20 00:07:09 | 00,000,619 | ---- | C] () – C:\Documents and Settings\klony\Pulpit\CCleaner.lnk

[2009-11-29 13:53:13 | 00,110,592 | ---- | C] () – C:\Documents and Settings\klony\Pulpit\urlop.doc

[2009-11-11 13:21:31 | 00,028,013 | ---- | C] () – C:\Documents and Settings\klony\Dane aplikacji\OFMissionEditorConfig.xml

[2009-09-19 12:38:49 | 00,021,840 | ---- | C] () – C:\WINDOWS\System32\SIntfNT.dll

[2009-09-19 12:38:49 | 00,017,212 | ---- | C] () – C:\WINDOWS\System32\SIntf32.dll

[2009-09-19 12:38:49 | 00,012,067 | ---- | C] () – C:\WINDOWS\System32\SIntf16.dll

[2009-05-29 09:54:17 | 00,043,520 | ---- | C] () – C:\WINDOWS\System32\CmdLineExt03.dll

[2009-04-06 13:09:56 | 00,000,034 | ---- | C] () – C:\WINDOWS\WAR2R.INI

[2009-03-16 17:39:02 | 00,000,034 | ---- | C] () – C:\WINDOWS\cdplayer.ini

[2009-03-08 14:11:03 | 00,140,216 | ---- | C] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-03-08 12:06:40 | 00,354,816 | ---- | C] () – C:\WINDOWS\System32\psisdecd.dll

[2009-01-23 16:11:30 | 00,000,010 | ---- | C] () – C:\WINDOWS\WININIT.INI

[2009-01-15 12:21:33 | 03,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll

[2009-01-15 12:21:33 | 00,755,027 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll

[2009-01-15 12:21:33 | 00,159,839 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll

[2009-01-15 12:21:32 | 00,007,680 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll

[2009-01-15 12:21:32 | 00,000,547 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009-01-10 22:33:08 | 00,164,352 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2009-01-10 22:33:08 | 00,000,038 | ---- | C] () – C:\WINDOWS\avisplitter.ini

[2009-01-05 11:01:57 | 00,003,140 | -HS- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys

[2009-01-05 11:01:57 | 00,000,088 | RHS- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\376E789B25.sys

[2008-12-03 21:39:54 | 00,000,427 | ---- | C] () – C:\WINDOWS\ODBC.INI

[2008-10-20 17:51:30 | 00,921,600 | ---- | C] () – C:\WINDOWS\System32\vorbisenc.dll

[2008-10-20 17:51:30 | 00,237,568 | ---- | C] () – C:\WINDOWS\System32\OggDS.dll

[2008-10-20 17:51:30 | 00,188,416 | ---- | C] () – C:\WINDOWS\System32\vorbis.dll

[2008-10-20 17:51:30 | 00,045,056 | ---- | C] () – C:\WINDOWS\System32\Ogg.dll

[2008-10-13 13:54:47 | 00,000,116 | ---- | C] () – C:\WINDOWS\NeroDigital.ini

[2008-10-13 13:53:53 | 00,212,480 | ---- | C] () – C:\Documents and Settings\klony\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-10-10 17:33:34 | 00,717,296 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\AgCPanelFrench.dll

< End of report >

deFco247 · 21 Grudzień 2009 16:59

Nie wklejaj logów na forum, tylko tak jak te w pierwszym poście.

W białe dolne okno Custom Scans/Fixes w OTL wklej:

Run Fix. Restart, jeśli będzie potrzebny.

Leon1 · 21 Grudzień 2009 17:05

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

:Processes explorer.exe :OTL O2 - BHO: (no name) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - No CLSID value found. O2 - BHO: (no name) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - No CLSID value found. O2 - BHO: (no name) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - No CLSID value found. O2 - BHO: (no name) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - No CLSID value found. O2 - BHO: (no name) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - No CLSID value found. O4 - HKLM…\Run: [internet Today Task] C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe File not found O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … mv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl … rashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.) :Commands [emptytemp] [start explorer] [Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

zrób optymalizacje uruchamiania

http://cybertrash.netarteria.pl/cyber/i … 378.0.html

W OTL kilknij CleanUp

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html gdy będą wirusy pokaż raport

lub

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

klony71 · 21 Grudzień 2009 17:06

==================================

Running Processes

[PID][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[PID][??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[PID][??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[C] [ATI Technologies Inc., 6.14.10.4177]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[PID][C] [ATI Technologies Inc., 6.14.10.4213]

[C] [ATI Technologies, Inc., 6, 14, 10, 2513]

[C] [ATI Technologies, Inc., 6, 14, 10, 2543]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[PID][C] [ATI Technologies Inc., 6.14.10.4213]

[C] [ATI Technologies, Inc., 6, 14, 10, 2513]

[C] [ATI Technologies, Inc., 6, 14, 10, 2543]

[C] [ATI Technologies Inc., 6.14.10.4177]

[PID][D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[C] [Microsoft Corporation, 7.10.3052.4]

[D] [ALWIL Software, 4, 8, 1367, 0]

[PID][D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[C] [Microsoft Corporation, 7.10.3052.4]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

[PID][C] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[C] [MarkAny Cooperation., 1, 4, 0, 1]

[C] [MarkAny Co., Ltd., 1, 4, 0, 2]

[D] [N/A,]

[D] [ALWIL Software, 4, 8, 1367, 0]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[PID][C] [N/A,]

[C] [N/A,]

[PID][C] [interVideo, 1, 0, 4, 0]

[PID][C] [sun Microsystems, Inc., 6.0.170.4]

[C] [Microsoft Corporation, 7.10.3052.4]

[C] [Microsoft Corporation, 1.1.4322.573]

[PID][C] [N/A,]

[PID][C] [Protexis Inc., 2.0.1.124]

[PID][D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[C] [Microsoft Corporation, 7.10.3052.4]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[PID][D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[C] [Microsoft Corporation, 7.10.3052.4]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

[PID][C] [Realtek Semiconductor Corp., 2.2.1.0]

[C] [MarkAny Co., Ltd., 1, 4, 0, 2]

[PID][D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[C] [Microsoft Corporation, 7.10.3052.4]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1356, 0]

[C] [Microsoft Corporation, 7.10.3077.0]

[d] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1367, 0]

[D] [ALWIL Software, 4, 8, 1317, 0]

[D]

[Codejock Software, 1, 9, 4, 0]

Agaton · 21 Grudzień 2009 17:20

klony71 ,

Wklejanie logów na forum - przeczytaj i zastosuj się do zaleceń

klony71 · 22 Grudzień 2009 12:47

Problem jak narazie zniknął. Dziękuję za pomoc i przepraszam za bałagan w poście:P pozdrawiam