monitor

izarobert · Listopad 16, 2009

pomocy!!!!!!!!!!!!!!!

jezeli chodzi o kompy to jestem zielona-pomozcie,

otoz mam probelm z monitorem po okolo 10 min po starcie monitor zawiesza mi sie. wygladajak zwylke ta sama tapeta i ikonki tylko zadnej z tych ikon nie moge otworzyc natomiast pasek start dziala bez zarzutu. sprawdzalam juz kilkoma antywirusami czy moze nie mam jakiegos wirusa ale nic nie bylo. nie wiem co robic???????????

xandi · Listopad 16, 2009

Może config sprzętu byś podał, co?

izarobert · Listopad 16, 2009

Może config sprzętu byś podał, co?

jak juz wczesniej pisalam jestem zielona

mam ASUSA F5Rseries cpu: celeron M530 display: 15.4" WXGA HD:80GB memory:512MB

jak cos jeszcze trzeba to napisze

Sevard · Listopad 16, 2009

Czyli to jest notebook tak?

Jakimi antywirusami sprawdzałaś system?

izarobert · Listopad 16, 2009

MOZE TO BYC TROJAN KTOREGO SYSTEM ANTYWIRUSOWY NIE ZNALAZL??

TAK TO NETBOOK

SPRAWDZALAM NODem32, avastem i nortonem

Zostawiłem tylko to, co jest istotne. Nie cytuj poprzedzającego posta. I nie krzycz. - Sevard

Sevard · Listopad 16, 2009

Wklej log z RSIT-a, to się zobaczy co tam w systemie działa.

izarobert · Listopad 16, 2009

dla mnie to naprawde czarna magia

prosze pomoz

napisz mi prosze jak to sie robi bo ja naprawde nie znam sie na kompach

to jest wynik ze skanowania z OTL

OTL logfile created on: 2009-11-16 22:03:37 - Run 1

OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Iza\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

383,17 Mb Total Physical Memory | 85,51 Mb Available Physical Memory | 22,32% Memory free

1,61 Gb Paging File | 1,19 Gb Available in Paging File | 74,40% Paging File free

Paging file location(s): C:\pagefile.sys 1300 1300 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 44,77 Gb Total Space | 28,16 Gb Free Space | 62,90% Space Free | Partition Type: NTFS

Drive D: | 29,76 Gb Total Space | 5,69 Gb Free Space | 19,12% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ASUS

Current User Name: Iza

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-11-16 22:03:33 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Iza\Pulpit\OTL.exe

PRC - [2009-08-31 16:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe

PRC - [2009-07-19 20:19:54 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2009-07-19 20:19:54 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

PRC - [2009-07-19 18:49:18 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009-07-14 08:15:16 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

PRC - [2009-06-26 14:56:32 | 25,604,904 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe

PRC - [2009-06-26 14:56:32 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe

PRC - [2009-03-08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe

PRC - [2008-04-14 17:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-06-28 10:31:38 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe

PRC - [2007-06-20 11:49:10 | 00,451,872 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

PRC - [2007-03-11 21:26:24 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

PRC - [2007-03-11 20:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

PRC - [2007-02-01 22:55:08 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

PRC - [2006-10-30 03:49:54 | 16,269,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe

PRC - [2006-10-26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

PRC - [2006-10-14 01:37:40 | 00,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe

PRC - [2006-08-10 06:08:04 | 02,379,776 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe

PRC - [2006-06-08 19:33:02 | 00,053,248 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe

PRC - [2006-05-25 04:02:04 | 00,786,521 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

PRC - [2006-05-16 10:42:52 | 01,777,664 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

PRC - [2006-04-07 16:36:46 | 00,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

PRC - [2006-01-27 17:17:50 | 00,221,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe

PRC - [2006-01-23 20:47:32 | 00,073,728 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

PRC - [2005-10-17 16:09:34 | 00,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe

========== Modules (SafeList) ==========

MOD - [2009-11-16 22:03:33 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Iza\Pulpit\OTL.exe

MOD - [2008-04-14 17:20:31 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll

MOD - [2008-04-14 16:59:08 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2004-08-04 12:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll

MOD - [2004-08-04 12:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll

========== Win32 Services (SafeList) ==========

SRV - [2009-07-19 20:19:54 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009-07-19 18:49:12 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - [2009-04-02 11:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)

SRV - [2008-04-14 17:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)

SRV - [2007-06-28 10:31:38 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)

SRV - [2007-06-04 22:14:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - [2007-06-04 22:14:50 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2007-04-13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)

SRV - [2007-02-01 22:55:08 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)

SRV - [2006-12-01 10:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)

SRV - [2006-10-26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)

SRV - [2006-10-26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - [2009-07-18 20:23:28 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP)

DRV - [2009-04-28 20:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)

DRV - [2008-04-13 16:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2008-04-13 16:36:05 | 00,144,384 | ---- | M] (Windows ? Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2007-08-28 04:58:00 | 00,005,760 | ---- | M] () -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)

DRV - [2007-02-01 23:03:24 | 01,975,296 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2006-11-02 17:32:30 | 04,394,496 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)

DRV - [2006-10-12 15:28:42 | 00,604,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2006-08-29 15:10:34 | 00,107,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)

DRV - [2006-08-14 03:40:24 | 00,027,776 | R--- | M] (Attansic Technology corporation.) -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002)

DRV - [2006-08-08 22:15:14 | 01,116,544 | ---- | M] () -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)

DRV - [2006-08-08 22:15:14 | 00,007,808 | ---- | M] () -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)

DRV - [2006-06-09 23:07:28 | 00,027,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RTSTOR.sys -- (RTSTOR)

DRV - [2006-05-25 03:40:58 | 00,193,088 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2006-05-18 20:46:16 | 00,110,976 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)

DRV - [2006-05-09 10:21:54 | 00,040,192 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)

DRV - [2006-05-09 09:33:54 | 00,062,848 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)

DRV - [2006-04-19 12:57:44 | 00,047,488 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)

DRV - [2006-03-21 07:04:24 | 00,889,472 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)

DRV - [2006-03-16 09:45:12 | 00,037,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)

DRV - [2006-03-15 09:52:40 | 00,052,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd)

DRV - [2006-01-18 14:05:18 | 00,017,536 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\drivers\NtpaSp50.sys -- (NTPASp50)

DRV - [2005-08-01 15:45:08 | 00,064,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)

DRV - [2005-07-11 17:58:56 | 00,003,712 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)

DRV - [2005-01-06 12:42:42 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)

DRV - [2004-08-04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2004-08-04 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)

DRV - [2004-05-28 02:13:04 | 00,016,269 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\ATK0100\ASNDIS5.sys -- (ASNDIS5)

DRV - [2002-04-03 12:09:16 | 00,049,457 | R--- | M] (FTDI Ltd.) -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)

DRV - [2002-04-03 12:09:14 | 00,018,102 | R--- | M] (FTDI Ltd.) -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)

DRV - [2001-08-17 20:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-19 20:19:55 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Common Files\Techland\Translator\MozillaTranslator\ [2009-11-13 17:53:56 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-16 21:17:36 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-16 21:17:24 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Common Files\Techland\Translator\MozillaTranslator\ [2009-11-13 17:53:56 | 00,000,000 | ---D | M]

[2009-11-16 21:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla\Extensions

[2009-11-16 21:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-07-19 20:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla\Firefox\extensions

[2009-07-19 20:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

[2009-11-16 21:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla\Firefox\Profiles\9bwfyuq2.default\extensions

[2009-11-16 21:17:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009-11-16 21:17:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-11-03 03:41:11 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2009-11-03 03:41:11 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2009-11-03 03:41:11 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2009-11-03 01:54:10 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-11-03 01:54:10 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-11-03 01:54:10 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2009-11-03 01:54:10 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-11-03 01:54:10 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-11-03 01:54:10 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-11-03 01:54:10 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)

O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Iza\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

O4 - HKLM..\Run: [Alcmtr] C:\windows\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [RTHDCPL] C:\windows\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()

O4 - HKLM..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd File not found

O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

O4 - HKCU..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)

O4 - HKCU..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

O4 - Startup: C:\Documents and Settings\Iza\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O27 - HKLM IFEO\msimn.exe: Debugger - C:\Program Files\Common Files\Techland\Translator\ExpressLauncher.exe (Techland)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3f03ef5e-87f3-11de-9811-001d60b81305}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

O35 - comfile [open] -- "%1" %* File not found

O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009-11-16 22:03:22 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Iza\Pulpit\OTL.exe

[2009-11-16 21:40:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google

[2009-11-16 21:36:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP

[2009-11-16 21:35:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft

[2009-11-16 21:32:30 | 29,868,536 | ---- | C] (Kaspersky Lab) -- C:\Program Files\kav7.0.1.325pl.exe

[2009-11-16 21:17:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\Mozilla

[2009-11-16 21:17:02 | 08,792,984 | ---- | C] (Mozilla) -- C:\Documents and Settings\Iza\Pulpit\Firefox Setup 3.5.5.exe

[2009-11-15 09:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Iza\Moje dokumenty\lismor

[2009-11-14 22:05:21 | 00,000,000 | ---D | C] -- C:\windows\System32\Adobe

[2009-11-13 17:46:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Techland

[2009-11-10 18:38:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\Adobe

[2009-11-06 23:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2009-10-28 22:02:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Iza\Moje dokumenty\Nowy folder

[2009-10-18 14:42:36 | 00,000,000 | ---D | C] -- C:\Program Files\Techland

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009-11-16 22:03:33 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Iza\Pulpit\OTL.exe

[2009-11-16 21:35:33 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT

[2009-11-16 21:35:30 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat

[2009-11-16 21:35:26 | 40,185,4464 | -HS- | M] () -- C:\hiberfil.sys

[2009-11-16 21:34:46 | 03,670,016 | -H-- | M] () -- C:\Documents and Settings\Iza\NTUSER.DAT

[2009-11-16 21:32:42 | 29,868,536 | ---- | M] (Kaspersky Lab) -- C:\Program Files\kav7.0.1.325pl.exe

[2009-11-16 21:17:40 | 00,000,000 | ---- | M] () -- C:\windows\nsreg.dat

[2009-11-16 21:17:26 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2009-11-16 21:17:03 | 08,792,984 | ---- | M] (Mozilla) -- C:\Documents and Settings\Iza\Pulpit\Firefox Setup 3.5.5.exe

[2009-11-16 19:54:09 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Iza\ntuser.ini

[2009-11-16 19:52:45 | 00,002,596 | ---- | M] () -- C:\windows\System32\CONFIG.NT

[2009-11-15 15:37:51 | 00,000,090 | ---- | M] () -- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings_et.ini

[2009-11-13 17:54:05 | 00,001,941 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Słownik Podręczny.lnk

[2009-11-13 17:54:05 | 00,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\English Translator XT.lnk

[2009-11-12 19:02:44 | 00,000,098 | ---- | M] () -- C:\windows\WirelessFTP.INI

[2009-11-12 08:29:42 | 00,359,416 | ---- | M] () -- C:\windows\System32\perfh015.dat

[2009-11-12 08:29:42 | 00,314,842 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2009-11-12 08:29:42 | 00,051,166 | ---- | M] () -- C:\windows\System32\perfc015.dat

[2009-11-12 08:29:42 | 00,041,170 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2009-11-12 08:29:41 | 00,772,498 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI

[2009-11-11 08:30:27 | 00,269,392 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2009-11-09 20:36:13 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-11-09 19:47:33 | 00,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini

[2009-11-07 15:56:57 | 00,000,000 | ---- | M] () -- C:\testwma.raw

[2009-11-05 17:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MRT.exe

[2009-11-04 03:00:35 | 00,001,374 | ---- | M] () -- C:\windows\imsins.BAK

[2009-11-03 18:45:02 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\Moje dokumenty\sprzeglo.jpg

[2009-11-03 18:44:59 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\Moje dokumenty\sprzglo2.jpg

[2009-11-03 18:44:27 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\sprzeglo.jpg

[2009-11-03 18:44:17 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\sprzglo2.jpg

[2009-11-03 18:44:17 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\Moje dokumenty\fots.jpg

[2009-11-03 18:41:12 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Iza\fots.jpg

[2009-10-28 23:03:35 | 00,149,458 | ---- | M] () -- C:\windows\HPHins15.dat

[2009-10-28 22:29:20 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk

[2009-10-22 09:18:25 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.dll

[2009-10-22 09:18:25 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\mshtml.dll

[2009-10-18 21:35:12 | 02,557,018 | -H-- | M] () -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-10-18 14:52:32 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2009-10-18 13:36:36 | 00,000,090 | ---- | M] () -- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings.ini

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009-11-16 21:17:40 | 00,000,000 | ---- | C] () -- C:\windows\nsreg.dat

[2009-11-16 21:17:26 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2009-11-13 17:59:11 | 00,000,090 | ---- | C] () -- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings_et.ini

[2009-11-13 17:48:15 | 00,001,941 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Słownik Podręczny.lnk

[2009-11-13 17:48:15 | 00,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\English Translator XT.lnk

[2009-11-09 20:39:11 | 04,145,364 | ---- | C] () -- C:\Documents and Settings\Iza\Moje dokumenty\BOYS'B~1.MP3

[2009-11-03 18:45:02 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\Moje dokumenty\sprzeglo.jpg

[2009-11-03 18:44:59 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\Moje dokumenty\sprzglo2.jpg

[2009-11-03 18:44:27 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\sprzeglo.jpg

[2009-11-03 18:44:17 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\sprzglo2.jpg

[2009-11-03 18:44:17 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\Moje dokumenty\fots.jpg

[2009-11-03 18:41:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Iza\fots.jpg

[2009-10-28 22:29:20 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk

[2009-10-28 22:23:42 | 00,149,458 | ---- | C] () -- C:\windows\HPHins15.dat

[2009-10-28 22:23:41 | 00,002,828 | ---- | C] () -- C:\windows\hphmdl15.dat

[2009-10-18 13:36:36 | 00,000,090 | ---- | C] () -- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings.ini

[2009-10-04 18:35:47 | 00,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini

[2009-09-03 20:18:29 | 00,070,024 | ---- | C] () -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2009-08-16 14:19:01 | 00,000,092 | R--- | C] () -- C:\windows\System32\ftdiun2k.ini

[2009-07-21 16:31:26 | 00,000,098 | ---- | C] () -- C:\windows\WirelessFTP.INI

[2009-07-21 13:29:15 | 00,000,976 | ---- | C] () -- C:\windows\EnglishTranslator.INI

[2009-07-19 20:12:21 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\Iza\Dane aplikacji\Smiley.ico

[2009-07-19 18:58:29 | 00,000,050 | ---- | C] () -- C:\windows\Winamp.ini

[2009-07-19 18:58:27 | 00,000,041 | ---- | C] () -- C:\windows\winampa.ini

[2009-07-19 09:15:09 | 00,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll

[2009-07-19 08:59:56 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-07-18 21:08:07 | 00,000,024 | ---- | C] () -- C:\windows\ATKPF.ini

[2009-07-18 21:06:09 | 00,000,061 | ---- | C] () -- C:\windows\smscfg.ini

[2009-07-18 20:30:15 | 00,000,000 | ---- | C] () -- C:\windows\tosOBEX.INI

[2009-07-18 20:13:21 | 00,014,848 | ---- | C] () -- C:\windows\System32\drivers\SynSam.sys

[2009-07-18 20:13:21 | 00,007,808 | ---- | C] () -- C:\windows\System32\drivers\SynScan.sys

[2009-07-18 20:13:11 | 00,498,688 | ---- | C] () -- C:\windows\System32\drivers\SynPin.sys

[2009-07-18 20:13:10 | 01,116,544 | ---- | C] () -- C:\windows\System32\drivers\SynMini.sys

[2009-07-18 20:13:10 | 00,028,800 | ---- | C] () -- C:\windows\System32\drivers\SynCamd.sys

[2009-07-18 20:11:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Iza\Dane aplikacji\desktop.ini

[2009-07-18 20:11:46 | 02,557,018 | -H-- | C] () -- C:\Documents and Settings\Iza\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-07-18 20:10:23 | 00,005,760 | ---- | C] () -- C:\windows\System32\drivers\ATKACPI.sys

[2005-09-02 13:44:08 | 00,110,592 | ---- | C] () -- C:\windows\System32\TosBtAcc.dll

[2005-07-22 20:30:20 | 00,065,536 | ---- | C] () -- C:\windows\System32\TosCommAPI.dll

[2004-11-24 06:38:18 | 00,007,424 | R--- | C] () -- C:\windows\System32\drivers\MMIOPORT.SYS

[2004-11-24 06:38:18 | 00,002,538 | ---- | C] () -- C:\windows\System32\OEMINFO.INI

[2004-11-24 06:37:52 | 00,000,582 | ---- | C] () -- C:\windows\win.ini

[2004-11-24 06:37:49 | 00,000,227 | ---- | C] () -- C:\windows\system.ini

[2004-07-20 16:04:02 | 00,094,208 | ---- | C] () -- C:\windows\System32\TosBtHcrpAPI.dll

[2004-01-15 13:43:28 | 00,114,688 | ---- | C] () -- C:\windows\System32\TBTMonUI.dll

< End of report >

dalam to na wklej.ogr i czekam na odpowiedz

Nie cytuj poprzedzającego posta. - Sevard

SwisteK · Listopad 16, 2009

Po wyłączeniu Gadu-Gadu też tak się dzieje?

Sevard · Listopad 16, 2009

Nie trzeba się niecierpliwić, ja mam też inne rzeczy na głowie.

Instrukcję użycia RSIT-a masz w pierwszym linku z mojej sygnaturki, ale skoro jest log z OTL-a, od biedy może być log z HijackThis. W tym logu powyżej nie widać nic, co mogłoby być przyczyną.

Tak swoją drogą jakiego obecnie masz antywirusa?

No i sprawdź co zajmuje tyle czasu procesora za pomocą menedżera zadań.

izarobert · Listopad 17, 2009

Nie trzeba się niecierpliwić, ja mam też inne rzeczy na głowie.
Instrukcję użycia RSIT-a masz w pierwszym linku z mojej sygnaturki, ale skoro jest log z OTL-a, od biedy może być log z HijackThis. W tym logu powyżej nie widać nic, co mogłoby być przyczyną.
Tak swoją drogą jakiego obecnie masz antywirusa?
No i sprawdź co zajmuje tyle czasu procesora za pomocą menedżera zadań.

wiesz co znalazlam probelem

siagnelam antytrojana i on mi znalazl trojana

a antywirusa mam NODa

dzieki za pomoc

Nie trzeba się niecierpliwić, ja mam też inne rzeczy na głowie.
Instrukcję użycia RSIT-a masz w pierwszym linku z mojej sygnaturki, ale skoro jest log z OTL-a, od biedy może być log z HijackThis. W tym logu powyżej nie widać nic, co mogłoby być przyczyną.
Tak swoją drogą jakiego obecnie masz antywirusa?
No i sprawdź co zajmuje tyle czasu procesora za pomocą menedżera zadań.
wiesz co znalazlam probelem
siagnelam antytrojana i on mi znalazl trojana
a antywirusa mam NODa
dzieki za pomoc

a to z RSIT

Logfile of random's system information tool 1.06 (written by random/random)

Run by Iza at 2009-11-17 18:55:50

Microsoft Windows XP Home Edition Dodatek Service Pack 3

System drive C: has 29 GB (63%) free of 46 GB

Total RAM: 383 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:55:58, on 2009-11-17

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\Ati2evxx.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\windows\system32\Ati2evxx.exe

C:\windows\Explorer.EXE

C:\windows\system32\spoolsv.exe

C:\windows\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\windows\system32\svchost.exe

C:\WINDOWS\ATK0100\HControl.exe

C:\windows\RTHDCPL.EXE

C:\Program Files\ASUS\ATK Media\DMEDIA.EXE

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Anti Trojan Elite\TJEnder.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\Nowe Gadu-Gadu\gg.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\NOTEPAD.EXE

C:\Documents and Settings\Iza\Pulpit\RSIT.exe

C:\Documents and Settings\Iza\Pulpit\Iza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Iza\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll

O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE

O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--

End of file - 9598 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]

UrlHelper Class - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll [2009-05-04 398776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-07-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-24 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-07 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-24 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-19 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]

IEPluginBHO Class - C:\Documents and Settings\Iza\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-14 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - BearShare MediaBar - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll [2009-05-04 529848]

{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-24 256112]

{0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - &Tłumaczenie - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll [2008-03-27 406760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]

"RTHDCPL"=C:\windows\RTHDCPL.EXE [2006-10-30 16269312]

"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]

"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-06-08 53248]

"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]

"Zshutdown"=c:\sysprep\patch\sysprep.cmd []

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-19 136600]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

"Anti Trojan Elite"=C:\Program Files\Anti Trojan Elite\TJEnder.exe [2009-06-14 4076544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

"Nowe Gadu-Gadu"=C:\Program Files\Nowe Gadu-Gadu\gg.exe [2009-08-31 11391592]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-19 39408]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]

"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-23 289072]

"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]

C:\windows\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

C:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Iza\Menu Start\Programy\Autostart

Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\windows\system32\Ati2evxx.dll [2007-02-01 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:?Torrent"

"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f03ef5e-87f3-11de-9811-001d60b81305}]

shell\AutoRun\command - G:\InstallTomTomHOME.exe

======List of files/folders created in the last 1 months======

2009-11-17 18:54:35 ----D---- C:\rsit

2009-11-17 18:40:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Google

2009-11-17 18:39:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP

2009-11-17 18:38:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft

2009-11-16 23:05:38 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2009-11-16 22:19:13 ----D---- C:\Program Files\Anti Trojan Elite

2009-11-16 21:32:30 ----A---- C:\Program Files\kav7.0.1.325pl.exe

2009-11-14 22:05:21 ----D---- C:\windows\system32\Adobe

2009-11-13 17:59:11 ----A---- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings_et.ini

2009-11-13 17:46:07 ----D---- C:\Program Files\Common Files\Techland

2009-11-11 03:00:17 ----HDC---- C:\windows\$NtUninstallKB969947$

2009-11-06 23:12:13 ----D---- C:\Program Files\Common Files\Adobe

2009-10-18 14:42:36 ----D---- C:\Program Files\Techland

2009-10-18 13:36:36 ----A---- C:\Documents and Settings\Iza\Dane aplikacji\XTDocSettings.ini

======List of files/folders modified in the last 1 months======

2009-11-17 18:41:16 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\Skype

2009-11-17 18:40:28 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\uTorrent

2009-11-17 18:40:13 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\skypePM

2009-11-17 18:39:08 ----SHD---- C:\windows\Installer

2009-11-17 18:38:54 ----D---- C:\windows\Temp

2009-11-17 18:38:51 ----HD---- C:\windows\inf

2009-11-17 18:38:29 ----D---- C:\Program Files

2009-11-17 18:37:43 ----A---- C:\windows\SchedLgU.Txt

2009-11-17 18:37:14 ----D---- C:\windows\system32

2009-11-16 23:42:20 ----D---- C:\windows\Prefetch

2009-11-16 23:05:52 ----D---- C:\Program Files\Mozilla Firefox

2009-11-16 21:17:53 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\Mozilla

2009-11-16 21:17:40 ----D---- C:\WINDOWS

2009-11-16 21:12:36 ----SD---- C:\windows\Downloaded Program Files

2009-11-16 21:12:32 ----D---- C:\windows\system32\CatRoot2

2009-11-16 20:58:12 ----D---- C:\Program Files\WinRAR

2009-11-16 20:53:36 ----D---- C:\windows\system32\Macromed

2009-11-16 20:53:36 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\Macromedia

2009-11-16 20:53:36 ----D---- C:\Documents and Settings\Iza\Dane aplikacji\Adobe

2009-11-16 19:52:46 ----D---- C:\windows\system32\drivers

2009-11-16 18:58:43 ----SD---- C:\windows\Tasks

2009-11-16 18:54:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

2009-11-15 18:01:28 ----D---- C:\Program Files\Common Files\Symantec Shared

2009-11-15 12:42:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Symantec

2009-11-14 15:00:03 ----D---- C:\Program Files\ScanTool.net_win

2009-11-13 17:46:07 ----D---- C:\Program Files\Common Files

2009-11-12 19:02:44 ----A---- C:\windows\WirelessFTP.INI

2009-11-12 08:29:41 ----A---- C:\windows\system32\PerfStringBackup.INI

2009-11-11 03:00:20 ----RSHD---- C:\windows\system32\dllcache

2009-11-10 19:37:56 ----HD---- C:\windows\$hf_mig$

2009-11-09 19:47:33 ----A---- C:\windows\NeroDigital.ini

2009-11-05 17:36:21 ----A---- C:\windows\system32\MRT.exe

2009-11-04 03:00:35 ----A---- C:\windows\imsins.BAK

2009-10-28 22:29:37 ----D---- C:\windows\WinSxS

2009-10-28 22:27:42 ----DC---- C:\windows\system32\DRVSTORE

2009-10-22 18:11:23 ----D---- C:\windows\Help

2009-10-22 09:18:25 ----A---- C:\windows\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Sterownik procesora Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\windows\system32\DRIVERS\AegisP.sys [2009-07-18 20747]

R2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []

R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []

R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; C:\windows\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]

R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2007-02-01 1975296]

R3 BCM43XX;Sterownik karty sieciowej ASUS 802.11; C:\windows\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]

R3 CmBatt;Sterownik adaptera prądu zmiennego Microsoft; C:\windows\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HidUsb;Sterownik Microsoft klasy HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2006-11-02 4394496]

R3 MODEMCSA;Urządzenie filtru strumieniowego usługi Unimodem; C:\windows\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 mouhid;Sterownik myszy HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-26 12160]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\windows\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]

R3 RTSTOR;USB Mass Stroage Device; C:\windows\system32\drivers\RTSTOR.SYS [2006-06-09 27520]

R3 smserial;smserial; C:\windows\system32\DRIVERS\smserial.sys [2006-03-21 889472]

R3 SynMini;USB2.0 1.3M WebCam; C:\windows\System32\Drivers\SynMini.sys [2006-08-08 1116544]

R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\windows\System32\Drivers\SynScan.sys [2006-08-08 7808]

R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2006-05-25 193088]

R3 tosporte;Bluetooth Port Driver from Toshiba; C:\windows\system32\DRIVERS\tosporte.sys [2006-04-19 47488]

R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Koncentrator z obsługą USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

S3 CCDECODE;Dekoder napisów; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2002-04-03 18102]

S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2002-04-03 49457]

S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NTPASp50;NTPASp50 NDIS Protocol Driver; C:\windows\System32\Drivers\NTPASp50.sys [2006-01-18 17536]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-04 5888]

S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []

S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]

S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\windows\System32\Drivers\tosrfbd.sys [2006-05-18 110976]

S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\windows\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]

S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\windows\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]

S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\windows\system32\drivers\TosRfSnd.sys [2006-03-15 52864]

S3 Tosrfusb;Bluetooth USB Controller; C:\windows\System32\Drivers\tosrfusb.sys [2006-05-09 40192]

S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Klasa PRINTER USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbstor;Sterownik magazynu masowego USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

S4 sr;Sterownik filtru Przywracania systemu; C:\windows\system32\DRIVERS\sr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2007-02-01 446464]

R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2008-04-14 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-19 152984]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]

R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]

S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-19 182768]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]

S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Sevard · Listopad 17, 2009

Otwórz notatnik, wklej do niego to co poniżej

Windows Registry Editor Version 5.00


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f03ef5e-87f3-11de-9811-001d60b81305}]

zapisz to jako fix.reg i uruchom.

Wszystkie pamięci przenośne wyczyść za pomocą programu Flash Disinfector.

Poza tym czysto.

izarobert · Listopad 17, 2009

Otwórz notatnik, wklej do niego to co poniżej
Windows Registry Editor Version 5.00


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f03ef5e-87f3-11de-9811-001d60b81305}]
zapisz to jako fix.reg i uruchom.
Wszystkie pamięci przenośne wyczyść za pomocą programu Flash Disinfector.
Poza tym czysto.

to jest wynik z combofix

ComboFix 09-11-18.04 - Iza 2009-11-17 20:41.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.383.133 [GMT 0:00]

Uruchomiony z: c:\documents and settings\Iza\Pulpit\ComboFix.exe

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\AutoRun.inf

.

((((((((((((((((((((((((( Pliki utworzone od 2009-10-17 do 2009-11-17 )))))))))))))))))))))))))))))))

.

2009-11-17 19:22 . 2009-11-17 19:22 -------- d-----w- c:\documents and settings\Iza\Dane aplikacji\TrojanHunter

2009-11-17 18:57 . 2009-11-17 19:23 -------- d-----w- c:\program files\TrojanHunter 5.2

2009-11-17 18:54 . 2009-11-17 18:54 -------- d-----w- C:\rsit

2009-11-17 18:39 . 2009-11-17 18:39 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP

2009-11-16 23:05 . 2009-11-16 23:12 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP

2009-11-16 22:19 . 2009-11-16 22:22 -------- d-----w- c:\program files\Anti Trojan Elite

2009-11-16 21:32 . 2009-11-16 21:32 29868536 ----a-w- c:\program files\kav7.0.1.325pl.exe

2009-11-16 21:17 . 2009-11-16 21:17 0 ----a-w- c:\windows\nsreg.dat

2009-11-16 21:17 . 2009-11-16 21:17 -------- d-----w- c:\documents and settings\Iza\Ustawienia lokalne\Dane aplikacji\Mozilla

2009-11-14 22:05 . 2009-11-16 20:53 -------- d-----w- c:\windows\system32\Adobe

2009-11-13 17:46 . 2009-11-13 17:46 -------- d-----w- c:\program files\Common Files\Techland

2009-11-10 18:38 . 2009-11-16 20:53 -------- d-----w- c:\documents and settings\Iza\Ustawienia lokalne\Dane aplikacji\Adobe

2009-11-06 23:12 . 2009-11-06 23:13 -------- d-----w- c:\program files\Common Files\Adobe

2009-10-28 22:23 . 2009-10-28 23:03 149458 ----a-w- c:\windows\HPHins15.dat

2009-10-28 22:23 . 2007-08-28 06:45 2828 ------w- c:\windows\hphmdl15.dat

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-17 20:28 . 2009-07-19 19:20 -------- d-----w- c:\documents and settings\Iza\Dane aplikacji\Skype

2009-11-17 18:40 . 2009-07-19 20:16 -------- d-----w- c:\documents and settings\Iza\Dane aplikacji\uTorrent

2009-11-17 18:40 . 2009-07-19 19:37 -------- d-----w- c:\documents and settings\Iza\Dane aplikacji\skypePM

2009-11-16 18:54 . 2009-07-19 19:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM

2009-11-15 18:01 . 2009-07-18 20:55 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-11-15 12:42 . 2009-07-18 20:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Symantec

2009-11-14 15:00 . 2009-08-16 14:20 -------- d-----w- c:\program files\ScanTool.net_win

2009-11-12 08:29 . 2004-11-24 06:37 51166 ----a-w- c:\windows\system32\perfc015.dat

2009-11-12 08:29 . 2004-11-24 06:37 359416 ----a-w- c:\windows\system32\perfh015.dat

2009-10-18 14:42 . 2009-10-18 14:42 -------- d-----w- c:\program files\Techland

2009-10-04 16:45 . 2009-07-18 20:43 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-10-04 15:14 . 2009-07-19 20:16 -------- d-----w- c:\program files\uTorrent

2009-09-28 09:14 . 2009-07-19 18:38 -------- d-----w- c:\program files\Nowe Gadu-Gadu

2009-09-25 07:33 . 2009-09-25 07:33 -------- d-----w- c:\program files\MSXML 4.0

2009-09-24 21:27 . 2009-07-19 18:48 -------- d-----w- c:\program files\Google

2009-09-24 21:02 . 2009-09-24 21:02 -------- d-----w- c:\program files\Alwil Software

2009-09-11 14:19 . 2004-11-24 06:37 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:05 . 2004-11-24 06:37 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-03 20:18 . 2009-09-03 20:18 70024 ----a-w- c:\documents and settings\Iza\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-08-29 07:58 . 2004-11-24 06:37 916480 ----a-w- c:\windows\system32\wininet.dll

2009-08-26 08:02 . 2004-11-24 06:38 247326 ----a-w- c:\windows\system32\strmdll.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

2009-04-02 11:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]

2009-05-04 10:56 398776 ----a-w- c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-08-31 11391592]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-19 39408]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-26 25604904]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-23 289072]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 451872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]

"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]

"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-19 136600]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"Anti Trojan Elite"="c:\program files\Anti Trojan Elite\TJEnder.exe" [2009-06-14 4076544]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-10-30 16269312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Iza\Menu Start\Programy\Autostart\

Tworzenie wycink˘w ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-5-24 49152]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=

"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMON.sys [2009-11-16 9216]

R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [2009-07-18 1116544]

R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [2009-07-18 7808]

S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-07-19 234888]

S3 NTPASp50;NTPASp50 NDIS Protocol Driver;c:\windows\system32\drivers\NtpaSp50.sys [2009-09-17 17536]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - MBR

*NewlyCreated* - PROCEXP113

*Deregistered* - mbr

*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://search.bearshare.com/

uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{B46B0919-62BA-4D99-A5C4-916B57A6805C} - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - c:\program files\Common Files\Techland\Translator\InternetTranslator.dll

FF - ProfilePath - c:\documents and settings\Iza\Dane aplikacji\Mozilla\Firefox\Profiles\9bwfyuq2.default\

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

.

- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-Zshutdown - c:\sysprep\patch\sysprep.cmd

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-11-17 20:48

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(820)

c:\windows\system32\Ati2evxx.dll

.

Czas ukończenia: 2009-11-17 20:50

ComboFix-quarantined-files.txt 2009-11-17 20:50

Przed: 30 105 915 392 bajtów wolnych

Po: 30 603 640 832 bajtów wolnych

- - End Of File - - 1ECBD2252D789E5B1B9A7AB3572E84FE

strasznie ci dziekuje za pomoc

jeszce nie wiem co to jest ta konsola odzyskiwania ale to mniejsza z tym

Sevard · Listopad 17, 2009

No dobra, to tylko parę słów na koniec. Nie używaj Combofix-a jeśli ktoś Cię wyraźnie o to nie poprosi. Ten program w pewnych sytuacjach może rozwalić system. Loga nawet nie sprawdzam, bo nie ma sensu, nie zawiera on nic więcej niż logi z RSIT-a i OTL-a.

Zaloguj się

Zarchiwizowany

monitor

Polecane posty

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Kto przegląda 0 użytkowników