tasker.exe, tasked.exe - wirus?

xQQ · 8 Października 2011

Procesy tasked.exe i czasem jak się pojawi tasker.exe zżerają 100% CPU. Jak wyłączę to się znów włącza.

To jest wirus? Jak się go pozbyć?

I co to jest to install-0.exe?

EDIT:

Jeszcze co jakiś czas samoczynnie otwierają się na nowej karcie strony typu:

http://click.klimpfjall.com/r2.php?h=8013a4860ef58a973d8107e70874c2ed&e=&s=&ai=&dip=&r=&oref=&c=&fm=&e2c=0&mca=0&rr=

xQQ · 8 Października 2011

OTL: http://wklej.to/XITm3

Extras: http://wklej.to/MVoTv

filutka78 · 10 Października 2011

Łoł! Gdzie nazbierałeś tyle Robali?

Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
[2011-10-07 19:52:12 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\8E.exe
[2011-10-06 19:22:06 | 000,452,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\1.exe
[2011-10-05 21:46:29 | 000,452,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\7C.exe
[2011-10-05 21:24:48 | 000,452,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\6C.exe
[2011-10-05 21:19:08 | 000,452,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\67.exe
[2011-10-05 20:10:19 | 000,452,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\2F.exe
[2011-10-05 19:17:01 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\2.exe
[2011-10-01 11:07:45 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lbwh21670br.exe
[2011-10-01 08:55:28 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\g9c1duupggb.exe
[2011-10-01 08:55:28 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\io70plgg7.exe
[2011-10-01 08:55:28 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\c6tu70vr.exe
[2011-10-01 08:55:24 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\h0iouzk6.exe
[2011-09-30 15:50:03 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lrw5n0tp.exe
[2011-09-30 15:50:03 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\k6lw5n0tpk.exe
[2011-09-30 15:49:47 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\q70rniy6k.exe
[2011-09-30 15:49:47 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a3r0xtezzaa.exe
[2011-09-29 14:56:02 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\dy1uqqlccx.exe
[2011-09-29 14:56:01 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\s1okkfwwri.exe
[2011-09-29 14:55:58 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\youaaq9m.exe
[2011-09-29 14:55:58 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\9ozfgg6.exe
[2011-09-28 21:41:19 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\zppglhxs.exe
[2011-09-28 21:41:18 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\2pkkqhx.exe
[2011-09-28 21:41:16 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ijffbmciy7.exe
[2011-09-27 19:38:25 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\zqq0rcnydo.exe
[2011-09-27 14:46:23 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\tjjfvvg3.exe
[2011-09-27 14:46:22 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\kggb3yytkk.exe
[2011-09-26 22:57:12 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\0lhcc6o.exe
[2011-09-26 22:57:10 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\3ye70fb.exe
[2011-09-26 09:27:30 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a70bxss6e.exe
[2011-09-26 09:27:29 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\70vrmm6.exe
[2011-09-26 09:27:29 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\5a70bxs.exe
[2011-09-25 19:58:33 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\0hdojju.exe
[2011-09-25 19:58:32 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\z26gg6sn.exe
[2011-09-25 19:58:32 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\pggbss5t0.exe
[2011-09-25 19:58:32 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\p0vrmm6oj.exe
[2011-09-25 18:01:09 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\bb0nsyju.exe
[2011-09-25 18:01:00 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\6c4tj2v.exe
[2011-09-25 10:12:35 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\y1uqqlcc.exe
[2011-09-25 10:12:35 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\fvvrhhdt.exe
[2011-09-25 10:12:33 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a6mmc9y1.exe
[2011-09-25 10:12:32 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\jfa6mmc9.exe
[2011-09-24 20:49:16 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\1wm1iee.exe
[2011-09-24 17:20:53 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\6ww6ii6.exe
[2011-09-24 10:22:20 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\3ccxooj.exe
[2011-09-24 10:22:18 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ddee6qq6.exe
[2011-09-23 17:51:34 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\llhxxtjjfvv.exe
[2011-09-23 17:51:34 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lhxxtjjf.exe
[2011-09-23 17:51:31 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\gxiiee9v0b.exe
[2011-09-23 17:51:31 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ghxyte9v.exe
[2011-09-23 17:38:22 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\xyooekk3.exe
[2011-09-23 17:38:22 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\cidezv3w.exe
[2011-09-23 17:38:19 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\8ccyupf.exe
[2011-09-23 17:38:19 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\28iyupf.exe
[2011-09-23 16:57:05 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yefvvrrxd8.exe
[2011-09-23 16:57:00 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\rsndeklb.exe
[2011-09-23 16:17:12 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\o1k9g1cy.exe
[2011-09-23 16:17:07 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\g6ss6ee6.exe
[2011-09-22 21:38:34 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\wccxoojaav.exe
[2011-09-22 21:38:33 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\1soojaa.exe
[2011-09-22 21:38:28 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yyuufb0s.exe
[2011-09-22 21:38:28 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\i9ezfb0si.exe
[2011-09-21 14:29:26 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yzuk16bx.exe
[2011-09-21 14:29:26 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yt5jfalb.exe
[2011-09-21 14:29:25 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\5d81uk1.exe
[2011-09-20 20:18:35 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\no70plgg6s.exe
[2011-09-20 20:18:35 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\i1eaavmmhy.exe
[2011-09-20 20:18:33 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\eu0w3m3ooja.exe
[2011-09-20 20:18:32 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\k6ww6ii6.exe
[2011-09-19 19:19:58 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\xnjo8avm.exe
[2011-09-19 19:19:56 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ytzal5h8do.exe
[2011-09-18 20:49:42 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\sLT.exf
[2011-09-18 20:39:01 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\q1mns81e.exe
[2011-09-18 20:39:01 | 000,042,496 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\81mn6zp.exe
[2011-09-18 20:38:58 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\snokqlhi17.exe
[2011-09-18 20:38:58 | 000,050,176 | RHS- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\iypvb9syj6.exe
[2011-09-18 20:38:37 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\EfgJhIr6K1fh
O4 - HKU\S-1-5-21-1220945662-1035525444-725345543-500..\Run: [Ztvqvp] C:\Documents and Settings\Administrator\Dane aplikacji\Ztvqvp.exe (Thorsten Blauhut http://www.desksave.de)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\0hdojju.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\0lhcc6o.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\1soojaa.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\1wm1iee.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\28iyupf.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\2pkkqhx.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\3ccxooj.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\3ye70fb.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\5a70bxs.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\5d81uk1.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\6c4tj2v.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\6ww6ii6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\70vrmm6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\81mn6zp.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\8ccyupf.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\9ozfgg6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a3r0xtezzaa.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a6mmc9y1.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\a70bxss6e.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\bb0nsyju.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\c6tu70vr.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\cidezv3w.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ddee6qq6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\dy1uqqlccx.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\eu0w3m3ooja.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\fvvrhhdt.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\g6ss6ee6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\g9c1duupggb.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ghxyte9v.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\gxiiee9v0b.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\h0iouzk6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\i1eaavmmhy.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\i9ezfb0si.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ijffbmciy7.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\io70plgg7.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\iypvb9syj6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\jfa6mmc9.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\k6lw5n0tpk.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\k6ww6ii6.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\kggb3yytkk.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lbwh21670br.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lhxxtjjf.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\llhxxtjjfvv.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\lrw5n0tp.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\no70plgg6s.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\o1k9g1cy.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\p0vrmm6oj.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\pggbss5t0.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\q1mns81e.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\q70rniy6k.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\rsndeklb.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\s1okkfwwri.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\snokqlhi17.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\tjjfvvg3.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\wccxoojaav.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\xnjo8avm.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\xyooekk3.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\y1uqqlcc.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yefvvrrxd8.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\youaaq9m.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yt5jfalb.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ytzal5h8do.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yyuufb0s.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\yzuk16bx.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\z26gg6sn.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\zppglhxs.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\zqq0rcnydo.exe ()
IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57152
FF - prefs.js..network.proxy.http_port: 57152

:Commands
[emptyflash]
[emptytemp]
[Reboot]

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.

Pokaż nowy log OTL.txt oraz raport z usuwania.

F.

xQQ · 12 Października 2011

Nie mam żadnej ochrony, nawet zapory windows od pół roku bo mam słabego kompa na antywirusy itp. Ale czas zainwestować z tego co widzę.

Skrypt:

http://wklej.to/siFFW

Zaraz dodam logi.

edit:

logi:

Tym razem EXTRAS nie wyrzuciło, nie wiem czemu.

OTL logfile created on: 2011-10-12 14:54:34 - Run 2

OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Pulpit

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 85,72% Memory free

5,36 Gb Paging File | 5,19 Gb Available in Paging File | 96,78% Paging File free

Paging file location(s): G:\pagefile.sys 4000 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 8,79 Gb Total Space | 1,83 Gb Free Space | 20,83% Space Free | Partition Type: NTFS

Drive E: | 8,25 Gb Total Space | 0,11 Gb Free Space | 1,31% Space Free | Partition Type: NTFS

Drive G: | 57,48 Gb Total Space | 21,57 Gb Free Space | 37,52% Space Free | Partition Type: NTFS

Computer Name: A-9A28CE673C424 | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-10-08 11:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

PRC - [2011-08-02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2007-11-26 09:22:48 | 000,385,024 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2007-07-13 22:42:04 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005-08-09 14:26:48 | 000,100,352 | ---- | M] (Vetch Utilities) -- G:\SysInfoMyWork\SysInfoMyWork.exe

PRC - [2005-02-15 16:10:16 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

========== Modules (No Company Name) ==========

MOD - [2011-06-06 12:55:36 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL

MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll

MOD - [2007-09-20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)

SRV - File not found [Auto | Stopped] -- -- (wscsvc)

SRV - File not found [Auto | Stopped] -- -- (seclogon)

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [Auto | Stopped] -- -- (ERSvc)

SRV - File not found [On_Demand | Stopped] -- -- (CiSvc)

SRV - [2011-03-15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- G:\perfect\zainstalwoa\PDAgent.exe -- (PDAgent)

SRV - [2011-03-15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- G:\perfect\zainstalwoa\PDEngine.exe -- (PDEngine)

SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2007-11-26 09:22:48 | 000,385,024 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

========== Driver Services (SafeList) ==========

DRV - [2011-08-25 19:49:25 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2011-08-06 20:19:26 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2011-06-15 10:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)

DRV - [2010-08-11 09:10:06 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)

DRV - [2009-08-22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)

DRV - [2007-08-20 13:35:12 | 001,656,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)

DRV - [2007-07-28 01:15:52 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)

DRV - [2007-06-13 10:08:46 | 001,174,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)

DRV - [2006-11-08 21:19:18 | 000,004,544 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusbf.sys -- (hidusbf)

DRV - [2006-08-07 19:30:52 | 000,162,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)

DRV - [2005-12-08 12:54:52 | 000,114,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2005-12-08 12:54:44 | 000,142,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2005-07-07 10:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)

DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.pl"

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-10-02 22:11:16 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010-09-15 15:28:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[2011-10-11 19:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions

[2011-09-14 17:40:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011-10-11 19:57:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011-08-18 22:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011-08-18 22:46:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\NQ4S8LNJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011-08-18 22:46:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011-10-02 22:11:15 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011-10-02 22:11:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2011-10-02 22:11:09 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2011-10-02 22:11:09 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2011-10-02 22:11:09 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2011-10-02 22:11:09 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2011-10-02 22:11:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe ()

O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKU\S-1-5-21-1220945662-1035525444-725345543-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKLM..\RunOnce: [WDM_SFSYNTH0] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)

O4 - HKLM..\RunOnce: [WDM_SFSYNTH1] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)

O4 - HKLM..\RunOnce: [WDM_SFSYNTH2] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\SysInfoMyWork.lnk = G:\SysInfoMyWork\SysInfoMyWork.exe (Vetch Utilities)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F314F389-BFD9-4CD7-A2C9-ACB255F28091}: DhcpNameServer = 212.76.34.49 212.76.34.50

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-09-15 15:19:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk /r \??\I:)

O34 - HKLM BootExecute: (PDBoot.exe)

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-10-12 14:49:32 | 000,000,000 | ---D | C] -- C:\_OTL

[2011-10-11 21:36:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent

[2011-10-09 20:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rovio

[2011-10-08 14:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Rovio

[2011-10-08 11:19:40 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2011-10-05 19:17:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2011-10-05 18:58:56 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011-10-05 15:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TmForever

[2011-10-05 15:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\TmForever

[2011-10-05 15:44:25 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll

[2011-10-05 15:44:25 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll

[2011-10-05 15:44:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll

[2011-10-05 15:44:22 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2011-10-05 15:44:22 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll

[2011-10-05 15:44:22 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll

[2011-10-05 15:44:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll

[2011-10-05 15:44:21 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll

[2011-10-05 15:44:20 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll

[2011-10-05 15:44:20 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll

[2011-10-05 15:44:20 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll

[2011-10-05 15:44:19 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll

[2011-10-05 15:44:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll

[2011-10-05 15:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TmNationsForever

[2011-09-28 21:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu

[2011-09-26 09:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google

[2011-09-26 09:56:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation

[2011-09-25 20:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts

[2011-09-25 19:46:30 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe

[2011-09-25 17:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Toontrack

[2011-09-24 20:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011-09-23 18:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe Mini Bridge CS5

[2011-09-23 18:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2011-09-23 17:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe

[2011-09-23 17:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player

[2011-09-23 17:43:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe

[2011-09-23 17:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2011-09-18 20:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Nowy folder

[2011-09-18 20:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Studio One

[2011-09-18 20:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PreSonus

[2011-09-18 20:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\PreSonus

[2011-09-18 20:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Propellerhead Software

[2011-09-18 17:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org2

[2011-09-18 17:35:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 2.4

[2011-09-18 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4

[2011-09-14 17:40:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\dwhelper

[2011-09-13 18:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Temp

[2011-09-13 18:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe

[2011-01-17 20:15:58 | 000,106,496 | ---- | C] (Windows 7 Lab) -- C:\Documents and Settings\Administrator\Dane aplikacji\install.52127.exe

[2002-04-10 19:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

[7 C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-10-12 14:50:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-10-12 14:49:36 | 000,417,674 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2011-10-12 14:49:36 | 000,362,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011-10-12 14:49:36 | 000,060,024 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2011-10-12 14:49:36 | 000,046,932 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011-10-12 14:28:45 | 000,453,071 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\6.exe

[2011-10-11 17:55:10 | 000,453,071 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\5.exe

[2011-10-10 19:53:35 | 000,448,171 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\4.exe

[2011-10-10 18:33:23 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-10-09 20:34:14 | 000,001,531 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Angry Birds Rio.lnk

[2011-10-09 11:15:58 | 000,448,171 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\3.exe

[2011-10-08 11:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2011-10-08 11:17:13 | 000,130,084 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.jpg

[2011-10-07 21:41:42 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm

[2011-10-07 21:41:42 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

[2011-10-07 18:33:11 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe PNG Format CS5 Prefs

[2011-10-06 21:35:11 | 000,084,366 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.PNG

[2011-10-05 18:59:02 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011-10-05 15:44:10 | 000,000,532 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TmNationsForever.lnk

[2011-10-02 16:27:09 | 001,438,239 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\playlist.fpl

[2011-10-02 15:12:09 | 001,275,369 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\layout.png

[2011-10-02 12:03:21 | 001,279,299 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\FreeSample_AmazingTextures_079.JPG

[2011-10-01 11:13:06 | 004,237,173 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe

[2011-10-01 11:08:25 | 000,018,329 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\system32

[2011-09-27 19:05:46 | 000,019,336 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\amoll.gpx

[2011-09-25 21:13:21 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lubie to.PNG

[2011-09-25 20:16:06 | 000,000,287 | ---- | M] () -- C:\WINDOWS\EReg072.dat

[2011-09-25 14:59:14 | 000,823,257 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Nosniki_transmisji.odp

[2011-09-25 14:58:58 | 002,654,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Podstawowe zagadnienia dotyczące sieci komputerowych.odp

[2011-09-23 17:50:45 | 003,413,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-09-18 20:03:47 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Studio One.lnk

[2011-09-17 09:20:31 | 000,529,265 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\epsxe170.zip

[2011-09-16 16:40:56 | 000,000,071 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\moj eq.feq

[7 C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-10-12 14:28:45 | 000,453,071 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\6.exe

[2011-10-11 17:55:10 | 000,453,071 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\5.exe

[2011-10-10 18:34:14 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\4.exe

[2011-10-09 20:34:14 | 000,001,531 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Angry Birds Rio.lnk

[2011-10-09 20:23:44 | 000,000,358 | ---- | C] () -- C:\WINDOWS\System32\config.lua

[2011-10-09 11:15:58 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\3.exe

[2011-10-08 11:17:13 | 000,130,084 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.jpg

[2011-10-06 21:35:11 | 000,084,366 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.PNG

[2011-10-05 18:59:01 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2011-10-05 18:58:56 | 000,262,400 | RHS- | C] () -- C:\cmldr

[2011-10-05 15:44:10 | 000,000,532 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TmNationsForever.lnk

[2011-10-02 15:12:01 | 001,275,369 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\layout.png

[2011-10-02 12:03:21 | 001,279,299 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\FreeSample_AmazingTextures_079.JPG

[2011-09-27 21:32:12 | 000,018,329 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\system32

[2011-09-25 21:13:21 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\lubie to.PNG

[2011-09-25 19:52:11 | 000,000,287 | ---- | C] () -- C:\WINDOWS\EReg072.dat

[2011-09-25 15:32:55 | 000,019,336 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\amoll.gpx

[2011-09-25 14:59:14 | 000,823,257 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Nosniki_transmisji.odp

[2011-09-25 14:58:56 | 002,654,384 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Podstawowe zagadnienia dotyczące sieci komputerowych.odp

[2011-09-24 20:52:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe PNG Format CS5 Prefs

[2011-09-23 17:45:44 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS5.lnk

[2011-09-23 17:44:58 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS5.lnk

[2011-09-23 17:44:37 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Device Central CS5.lnk

[2011-09-23 17:43:04 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Extension Manager CS5.lnk

[2011-09-23 17:42:57 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit CS5.lnk

[2011-09-23 17:42:25 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Help.lnk

[2011-09-18 20:03:47 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Studio One.lnk

[2011-09-18 20:03:47 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Studio One.lnk

[2011-09-17 09:20:30 | 000,529,265 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\epsxe170.zip

[2011-09-10 15:22:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011-09-10 15:22:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011-09-10 15:22:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011-09-10 15:22:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011-09-10 15:22:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011-09-03 15:20:47 | 000,000,303 | ---- | C] () -- C:\WINDOWS\doom3.ini

[2011-08-30 14:33:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc

[2011-08-16 00:12:26 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2011-08-10 00:05:29 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2011-08-10 00:05:29 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2011-08-10 00:05:29 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2011-08-10 00:05:29 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2011-08-10 00:05:29 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2011-08-10 00:05:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2011-08-10 00:05:29 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2011-08-10 00:05:29 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2011-08-10 00:04:23 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2011-08-10 00:04:00 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe

[2011-08-07 17:42:01 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll

[2011-08-06 20:54:47 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2011-08-06 20:36:10 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll

[2011-08-06 20:36:10 | 000,008,219 | ---- | C] () -- C:\WINDOWS\sfsyn.ini

[2011-08-06 20:25:27 | 000,022,764 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini

[2011-08-06 20:25:27 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini

[2011-01-06 09:12:22 | 001,232,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\AngryBirds.exe

[2010-09-15 15:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010-09-15 15:25:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010-09-15 15:25:01 | 000,033,576 | ---- | C] () -- C:\WINDOWS\System32\BCGPOleAcc.dll

[2010-09-15 15:17:54 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010-09-15 15:11:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010-09-15 15:10:08 | 003,413,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2007-12-14 13:06:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll

[2005-05-03 13:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll

[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2003-10-02 12:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

[2001-10-26 18:15:16 | 000,417,674 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat

[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat

[2001-10-26 18:15:16 | 000,060,024 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat

[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat

[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2001-08-17 23:30:24 | 000,362,506 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2001-08-17 23:30:22 | 000,046,932 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

========== LOP Check ==========

[2011-08-06 20:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\.wtw

[2011-08-27 16:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Atari

[2011-08-19 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BESTplayer

[2011-09-24 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010-09-15 15:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite

[2011-09-10 12:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET

[2011-08-09 23:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000

[2011-09-10 16:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gsmartcontrol

[2011-08-09 11:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Guitar Pro 6

[2011-09-04 20:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\iZotope

[2011-08-07 18:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Lexicon PCM Native

[2011-08-07 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PACE Anti-Piracy

[2011-09-18 20:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PreSonus

[2011-10-09 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Rovio

[2011-09-23 18:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2011-08-07 18:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Steinberg

[2011-08-09 15:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer

[2011-10-09 22:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent

[2011-08-25 19:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games

[2010-09-15 15:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2011-08-06 21:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eboostr

[2011-08-09 20:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FlashFXP

[2011-08-09 11:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6

[2011-08-25 20:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios

[2011-08-31 20:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound

[2011-08-07 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PACE Anti-Piracy

[2011-09-18 20:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PreSonus

[2011-09-24 18:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe

[2011-08-07 18:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Steinberg

[2011-09-09 14:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2011-10-05 17:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TmForever

[2011-08-07 18:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VST3 Presets

[2011-08-07 18:53:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{BE48917A-8173-4C25-A322-B40C9D2FDD69}

========== Purity Check ==========

< End of report >

filutka78 · 12 Października 2011

Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[2011-10-12 14:28:45 | 000,453,071 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\6.exe
[2011-10-11 17:55:10 | 000,453,071 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\5.exe
[2011-10-10 18:34:14 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\4.exe
[2011-10-09 11:15:58 | 000,448,171 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\3.exe

:Commands
[emptytemp]
[resethosts]
[Reboot]

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.

Pokaż nowy log OTL.txt oraz raport z usuwania.

Skoro nie masz żadnego Antivirusa, to teraz przynajmniej przeskanuj komputer przy pomocy >>>Dr.Webcureit

Link zapasowy (już ze zmienioną nazwą), jeśli oficjalna strona będzie zablokowana przez infekcje >

>http://www.zshare.net/download/9476904816558a75/

Napisz, co wykrył.

Ten skaner jest nieinstalacyjny, więc po skanowaniu można go usunąć tak jak każdy zwykły plik.

EDIT:

Windows XP Professional Edition Dodatek Service Pack 2

1,50 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 85,72% Memory free

Drive C: | 8,79 Gb Total Space | 1,83 Gb Free Space | 20,83% Space Free

Masz dziurawy System. Pamięć RAM masz jeszcze dość dużo wolnej, ale masz mało wolnego miejsca na dysku - po zainstalowaniu Service Pack 3 chyba komputer stałby się "nieużywalny".

>>http://www.dobreprogramy.pl/Windows-XP-PL-Service-Pack,Program,Windows,12243.html

F.

xQQ · 12 Października 2011

To instalować tego service packa 3? Dr. Webem będę skanował dziś w nocy bo to strasznie długo skanuje. Poniżej zamieszczam logi:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Documents and Settings\Administrator\Dane aplikacji\6.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\5.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\4.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\3.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 32493 bytes
->Temporary Internet Files folder emptied: 143580 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 148036622 bytes
->Flash cache emptied: 2864 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: thebkueskeleton

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 174627932 bytes

Total Files Cleaned = 308,00 mb

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 10122011_233346

Files\Folders moved on Reboot...
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WCESLog.log moved successfully.

Registry entries deleted on Reboot...

OTL logfile created on: 2011-10-12 23:37:42 - Run 3
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 85,74% Memory free
5,36 Gb Paging File | 5,19 Gb Available in Paging File | 96,80% Paging File free
Paging file location(s): G:\pagefile.sys 4000 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8,79 Gb Total Space | 1,84 Gb Free Space | 20,89% Space Free | Partition Type: NTFS
Drive E: | 8,25 Gb Total Space | 0,11 Gb Free Space | 1,31% Space Free | Partition Type: NTFS
Drive G: | 57,48 Gb Total Space | 21,56 Gb Free Space | 37,51% Space Free | Partition Type: NTFS

Computer Name: A-9A28CE673C424 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-10-08 11:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2011-08-02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2007-11-26 09:22:48 | 000,385,024 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2007-07-13 22:42:04 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-08-09 14:26:48 | 000,100,352 | ---- | M] (Vetch Utilities) -- G:\SysInfoMyWork\SysInfoMyWork.exe
PRC - [2005-02-15 16:10:16 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011-06-06 12:55:36 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] --  -- (wuauserv)
SRV - File not found [Auto | Stopped] --  -- (wscsvc)
SRV - File not found [Auto | Stopped] --  -- (seclogon)
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [Auto | Stopped] --  -- (ERSvc)
SRV - File not found [On_Demand | Stopped] --  -- (CiSvc)
SRV - [2011-03-15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- G:\perfect\zainstalwoa\PDAgent.exe -- (PDAgent)
SRV - [2011-03-15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- G:\perfect\zainstalwoa\PDEngine.exe -- (PDEngine)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2007-11-26 09:22:48 | 000,385,024 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-08-25 19:49:25 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-08-06 20:19:26 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-06-15 10:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-08-11 09:10:06 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009-08-22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)
DRV - [2007-08-20 13:35:12 | 001,656,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)
DRV - [2007-07-28 01:15:52 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2007-06-13 10:08:46 | 001,174,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)
DRV - [2006-11-08 21:19:18 | 000,004,544 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusbf.sys -- (hidusbf)
DRV - [2006-08-07 19:30:52 | 000,162,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005-12-08 12:54:52 | 000,114,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005-12-08 12:54:44 | 000,142,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005-07-07 10:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-10-02 22:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010-09-15 15:28:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2011-10-11 19:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions
[2011-09-14 17:40:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-10-11 19:57:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nq4s8lnj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011-08-18 22:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-18 22:46:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\NQ4S8LNJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011-08-18 22:46:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-10-02 22:11:15 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-02 22:11:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-10-02 22:11:09 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-02 22:11:09 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-02 22:11:09 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-02 22:11:09 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-02 22:11:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-10-12 23:34:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe ()
O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-1220945662-1035525444-725345543-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [WDM_SFSYNTH0] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [WDM_SFSYNTH1] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [WDM_SFSYNTH2] C:\WINDOWS\System32\streamci.dll (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\SysInfoMyWork.lnk = G:\SysInfoMyWork\SysInfoMyWork.exe (Vetch Utilities)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1220945662-1035525444-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F314F389-BFD9-4CD7-A2C9-ACB255F28091}: DhcpNameServer = 212.76.34.49 212.76.34.50
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-09-15 15:19:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\I:)
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-10-12 14:49:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-10-11 21:36:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011-10-09 20:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rovio
[2011-10-08 14:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Rovio
[2011-10-08 11:19:40 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-10-05 19:17:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-10-05 18:58:56 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-10-05 15:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TmForever
[2011-10-05 15:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\TmForever
[2011-10-05 15:44:25 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2011-10-05 15:44:25 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2011-10-05 15:44:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2011-10-05 15:44:22 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2011-10-05 15:44:22 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2011-10-05 15:44:22 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2011-10-05 15:44:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2011-10-05 15:44:21 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2011-10-05 15:44:20 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2011-10-05 15:44:20 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2011-10-05 15:44:20 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2011-10-05 15:44:19 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2011-10-05 15:44:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2011-10-05 15:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TmNationsForever
[2011-09-28 21:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2011-09-26 09:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2011-09-26 09:56:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
[2011-09-25 20:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts
[2011-09-25 19:46:30 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2011-09-25 17:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Toontrack
[2011-09-24 20:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-09-23 18:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe Mini Bridge CS5
[2011-09-23 18:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-09-23 17:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-09-23 17:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011-09-23 17:43:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe
[2011-09-23 17:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011-09-18 20:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Nowy folder
[2011-09-18 20:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Studio One
[2011-09-18 20:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PreSonus
[2011-09-18 20:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\PreSonus
[2011-09-18 20:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Propellerhead Software
[2011-09-18 17:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org2
[2011-09-18 17:35:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 2.4
[2011-09-18 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4
[2011-09-14 17:40:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\dwhelper
[2011-09-13 18:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Temp
[2011-09-13 18:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-01-17 20:15:58 | 000,106,496 | ---- | C] (Windows 7 Lab) -- C:\Documents and Settings\Administrator\Dane aplikacji\install.52127.exe
[2002-04-10 19:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[7 C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-10-12 23:34:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-10-12 23:34:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-10-12 23:34:02 | 000,417,674 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-10-12 23:34:02 | 000,362,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-10-12 23:34:02 | 000,060,024 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-10-12 23:34:02 | 000,046,932 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-10-12 22:07:50 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe PNG Format CS5 Prefs
[2011-10-10 18:33:23 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-10-09 20:34:14 | 000,001,531 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Angry Birds Rio.lnk
[2011-10-08 11:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2011-10-08 11:17:13 | 000,130,084 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.jpg
[2011-10-07 21:41:42 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011-10-07 21:41:42 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011-10-06 21:35:11 | 000,084,366 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.PNG
[2011-10-05 18:59:02 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011-10-05 15:44:10 | 000,000,532 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TmNationsForever.lnk
[2011-10-02 16:27:09 | 001,438,239 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\playlist.fpl
[2011-10-02 15:12:09 | 001,275,369 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\layout.png
[2011-10-02 12:03:21 | 001,279,299 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\FreeSample_AmazingTextures_079.JPG
[2011-10-01 11:13:06 | 004,237,173 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
[2011-10-01 11:08:25 | 000,018,329 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\system32
[2011-09-27 19:05:46 | 000,019,336 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\amoll.gpx
[2011-09-25 21:13:21 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lubie to.PNG
[2011-09-25 20:16:06 | 000,000,287 | ---- | M] () -- C:\WINDOWS\EReg072.dat
[2011-09-25 14:59:14 | 000,823,257 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Nosniki_transmisji.odp
[2011-09-25 14:58:58 | 002,654,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Podstawowe zagadnienia dotyczące sieci komputerowych.odp
[2011-09-23 17:50:45 | 003,413,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-09-18 20:03:47 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Studio One.lnk
[2011-09-17 09:20:31 | 000,529,265 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\epsxe170.zip
[2011-09-16 16:40:56 | 000,000,071 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\moj eq.feq
[7 C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Administrator\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-10-09 20:34:14 | 000,001,531 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Angry Birds Rio.lnk
[2011-10-09 20:23:44 | 000,000,358 | ---- | C] () -- C:\WINDOWS\System32\config.lua
[2011-10-08 11:17:13 | 000,130,084 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.jpg
[2011-10-06 21:35:11 | 000,084,366 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\bez tytułu.PNG
[2011-10-05 18:59:01 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011-10-05 18:58:56 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2011-10-05 15:44:10 | 000,000,532 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TmNationsForever.lnk
[2011-10-02 15:12:01 | 001,275,369 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\layout.png
[2011-10-02 12:03:21 | 001,279,299 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\FreeSample_AmazingTextures_079.JPG
[2011-09-27 21:32:12 | 000,018,329 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\system32
[2011-09-25 21:13:21 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\lubie to.PNG
[2011-09-25 19:52:11 | 000,000,287 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2011-09-25 15:32:55 | 000,019,336 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\amoll.gpx
[2011-09-25 14:59:14 | 000,823,257 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Nosniki_transmisji.odp
[2011-09-25 14:58:56 | 002,654,384 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Podstawowe zagadnienia dotyczące sieci komputerowych.odp
[2011-09-24 20:52:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe PNG Format CS5 Prefs
[2011-09-23 17:45:44 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS5.lnk
[2011-09-23 17:44:58 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS5.lnk
[2011-09-23 17:44:37 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Device Central CS5.lnk
[2011-09-23 17:43:04 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Extension Manager CS5.lnk
[2011-09-23 17:42:57 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit CS5.lnk
[2011-09-23 17:42:25 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Help.lnk
[2011-09-18 20:03:47 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Studio One.lnk
[2011-09-18 20:03:47 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Studio One.lnk
[2011-09-17 09:20:30 | 000,529,265 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\epsxe170.zip
[2011-09-10 15:22:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011-09-10 15:22:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011-09-10 15:22:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-09-10 15:22:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-09-10 15:22:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-09-03 15:20:47 | 000,000,303 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2011-08-30 14:33:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2011-08-16 00:12:26 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-08-10 00:05:29 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011-08-10 00:05:29 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011-08-10 00:05:29 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011-08-10 00:05:29 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011-08-10 00:05:29 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011-08-10 00:05:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011-08-10 00:05:29 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011-08-10 00:05:29 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011-08-10 00:04:23 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011-08-10 00:04:00 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
[2011-08-07 17:42:01 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2011-08-06 20:54:47 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2011-08-06 20:36:10 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2011-08-06 20:36:10 | 000,008,219 | ---- | C] () -- C:\WINDOWS\sfsyn.ini
[2011-08-06 20:25:27 | 000,022,764 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2011-08-06 20:25:27 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011-01-06 09:12:22 | 001,232,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\AngryBirds.exe
[2010-09-15 15:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-09-15 15:25:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-09-15 15:25:01 | 000,033,576 | ---- | C] () -- C:\WINDOWS\System32\BCGPOleAcc.dll
[2010-09-15 15:17:54 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-09-15 15:11:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-09-15 15:10:08 | 003,413,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007-12-14 13:06:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2005-05-03 13:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003-10-02 12:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2001-10-26 18:15:16 | 000,417,674 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,060,024 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,362,506 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,046,932 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-08-06 20:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\.wtw
[2011-08-27 16:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Atari
[2011-08-19 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BESTplayer
[2011-09-24 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-09-15 15:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2011-09-10 12:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ESET
[2011-08-09 23:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000
[2011-09-10 16:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gsmartcontrol
[2011-08-09 11:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Guitar Pro 6
[2011-09-04 20:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\iZotope
[2011-08-07 18:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Lexicon PCM Native
[2011-08-07 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PACE Anti-Piracy
[2011-09-18 20:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PreSonus
[2011-10-09 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Rovio
[2011-09-23 18:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-08-07 18:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Steinberg
[2011-08-09 15:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer
[2011-10-09 22:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-08-25 19:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games
[2010-09-15 15:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-08-06 21:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eboostr
[2011-08-09 20:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FlashFXP
[2011-08-09 11:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6
[2011-08-25 20:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2011-08-31 20:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2011-08-07 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PACE Anti-Piracy
[2011-09-18 20:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PreSonus
[2011-09-24 18:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-08-07 18:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Steinberg
[2011-09-09 14:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-10-05 17:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TmForever
[2011-08-07 18:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VST3 Presets
[2011-08-07 18:53:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{BE48917A-8173-4C25-A322-B40C9D2FDD69}

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

filutka78 · 12 Października 2011

Usuwanie wykonane prawidłowo, i w nowym logu nie widzę już nic podejrzanego.

Oczywiście skan Dr.Webcureit jest dalej aktualny.

To instalować tego service packa 3?

Moim skromnym zdaniem: tak, powinieneś zainstalować ServicePack 3.

Choć z wyglądu logów domyślam się, że System masz "przerabiany", więc nie wiem, czy Service Pack da się zainstalować na tak mocno "przerobiony" System.

F.

xQQ · 13 Października 2011

Tak, jest mocno okrojony, ale kiedyś instalowałem na nim SP3. Odinstalowałem, bo zauważyłem że wydajność spadła.

Logi z Dr. Weba:

1.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
2.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
3.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
4.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
5.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
A6.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
A7.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
install.52127.exe;C:\Documents and Settings\Administrator\Dane aplikacji;Trojan.DownLoader1.55197;Niewyleczalny.Przeniesiony.;
OTL.exe;C:\Documents and Settings\Administrator\Pulpit;Trojan.Siggen3.9317;Niewyleczalny.Przeniesiony.;
setup.exe;C:\WINDOWS\Temp\tnfhxp;Trojan.MulDrop2.62901;Usunięty.;
2.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Dane aplikacji;Tool.BtcMine.8;Usunięty.;
8E.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Dane aplikacji;Tool.BtcMine.8;Usunięty.;
Ztvqvp.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
0hdojju.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
0lhcc6o.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
1soojaa.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
1wm1iee.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
28iyupf.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
2pkkqhx.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
3ccxooj.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
3ye70fb.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
5a70bxs.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
5d81uk1.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
6c4tj2v.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
6ww6ii6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
70vrmm6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
81mn6zp.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
8ccyupf.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
9ozfgg6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
a3r0xtezzaa.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
a6mmc9y1.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
a70bxss6e.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
bb0nsyju.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
c6tu70vr.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
cidezv3w.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
ddee6qq6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
dy1uqqlccx.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
eu0w3m3ooja.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
fvvrhhdt.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
g6ss6ee6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
g9c1duupggb.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
ghxyte9v.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
gxiiee9v0b.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
h0iouzk6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
i1eaavmmhy.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
i9ezfb0si.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
ijffbmciy7.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
io70plgg7.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
iypvb9syj6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
jfa6mmc9.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
k6lw5n0tpk.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
k6ww6ii6.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
kggb3yytkk.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
lbwh21670br.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
lhxxtjjf.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
llhxxtjjfvv.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
lrw5n0tp.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
no70plgg6s.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
o1k9g1cy.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
p0vrmm6oj.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
pggbss5t0.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
q1mns81e.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
q70rniy6k.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
rsndeklb.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
s1okkfwwri.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
snokqlhi17.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
tjjfvvg3.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
wccxoojaav.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
xnjo8avm.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
xyooekk3.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
y1uqqlcc.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
yefvvrrxd8.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
youaaq9m.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
yt5jfalb.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
ytzal5h8do.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
yyuufb0s.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
yzuk16bx.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
z26gg6sn.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
zppglhxs.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Trojan.Packed.21230;Niewyleczalny.Przeniesiony.;
zqq0rcnydo.exe;C:\_OTL\MovedFiles\10122011_144932\C_Documents and Settings\Administrator\Menu Start\Programy\Autostart;Win32.HLLW.Lime.18;Usunięty.;
3.exe;C:\_OTL\MovedFiles\10122011_233346\C_Documents and Settings\Administrator\Dane aplikacji;Tool.BtcMine.8;Usunięty.;
4.exe;C:\_OTL\MovedFiles\10122011_233346\C_Documents and Settings\Administrator\Dane aplikacji;Tool.BtcMine.8;Usunięty.;
5.exe;C:\_OTL\MovedFiles\10122011_233346\C_Documents and Settings\Administrator\Dane aplikacji;Trojan.BtcMine.12;Niewyleczalny.Przeniesiony.;
6.exe;C:\_OTL\MovedFiles\10122011_233346\C_Documents and Settings\Administrator\Dane aplikacji;Trojan.BtcMine.12;Niewyleczalny.Przeniesiony.;
A0013887.exe;G:\System Volume Information\_restore{9A9030C5-6B32-4B8B-B445-42D26436475A}\RP56;Trojan.Botnetlog.1132;Usunięty.;
A0013983.exe;G:\System Volume Information\_restore{9A9030C5-6B32-4B8B-B445-42D26436475A}\RP57;Trojan.Botnetlog.1132;Usunięty.;

filutka78 · 13 Października 2011

1.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
2.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
3.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
4.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
5.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.13;Usunięty.;
A6.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
A7.tmp;C:\Documents and Settings\Administrator\Dane aplikacji;BackDoor.IRC.NgrBot.42;Usunięty.;
install.52127.exe;C:\Documents and Settings\Administrator\Dane aplikacji;Trojan.DownLoader1.55197;Niewyleczalny.Przeniesiony.;
setup.exe;C:\WINDOWS\Temp\tnfhxp;Trojan.MulDrop2.62901;Usunięty.;

A więc jednak coś zostało wykryte, więc warto było użyć tego Dr.Webcureit.

OTL.exe;C:\Documents and Settings\Administrator\Pulpit;Trojan.Siggen3.9317;Niewyleczalny.Przeniesiony.;

To wykrycie to pomyłka, bo OTL jest prawidłowy, tylko Antivirusy często go traktują jako "wirusa".

Reszta wykryć to pliki znajdujące się w Kwarantannie OTL, a więc już wcześniej usunięte.

kiedyś instalowałem na nim SP3. Odinstalowałem, bo zauważyłem że wydajność spadła.

Niestety, coś za coś - SP3 to jakby dodatkowy olbrzymi program, więc to musi mieć wpływ na działamie komputer, zwłaszcz niezbyt mocnego.

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

Moja rola w tym temacie się skończyła.

Temat założyłeś w dziale "WINDOWS", więc jeśli masz jakieś pytania do tego właśnie działu, to jeszcze raz je tu przypomnij - może tu ktoś z pomagających w tym dziale jeszcze tu zajrzy i Ci pomoże?

F.

xQQ · 14 Października 2011

Moja rola w tym temacie się skończyła.

Dzięki za poświęcony czas

Pytań już nie mam.

Temat został przeniesiony do archiwum

tasker.exe, tasked.exe - wirus?

Rekomendowane odpowiedzi

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

filutka78 11

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

filutka78 11

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

filutka78 11

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

filutka78 11

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

xQQ 2

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

Ostatnio przeglądający 0 użytkowników

Tematy

Odpowiedzi

Aktywni użytkownicy

Przeglądaj

Aktywność