
NTVDM CPU illegal instruction?

26 May 2011 19:16 3787 11
  • Level 9
    Has anyone seen something like this? I ran ComboFix on the machine and did a scandisk before that, and nothing. Maybe I'm looking in the wrong direction?
  • Computer specialist
    Why are you using ComboFix when you don't know how this program works and when it should be used?

    Run a scan with MBAM and CureIt, and attach the OTL logs plus the ComboFix log, since you've already used it.
  • Level 9
    The problem is that I don't know what I'm dealing with, and this program has helped me more than once, even when in theory it shouldn't have...

    I don't know whether a log like this tells anyone anything, but here you go:

    Quote:
    Malwarebytes' Anti-Malware 1.30
    Wersja bazy definicji: 1306
    Windows 5.1.2600 Dodatek Service Pack 3

    2011-05-26 19:56:00
    mbam-log-2011-05-26 (19-56-00).txt

    Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
    Przeskanowane obiekty: 167109
    Upłynęło: 29 minute(s), 37 second(s)

    Zainfekowane procesy w pamięci: 0
    Zainfekowane moduły pamięci: 0
    Zainfekowane klucze rejestru: 0
    Zainfekowane wartości rejestru: 0
    Zainfekowane pliki rejestru: 0
    Zainfekowane foldery: 0
    Zainfekowane pliki: 0

    Zainfekowane procesy w pamięci:
    (Nie wykryto groźnych plików)

    Zainfekowane moduły pamięci:
    (Nie wykryto groźnych plików)

    Zainfekowane klucze rejestru:
    (Nie wykryto groźnych plików)

    Zainfekowane wartości rejestru:
    (Nie wykryto groźnych plików)

    Zainfekowane pliki rejestru:
    (Nie wykryto groźnych plików)

    Zainfekowane foldery:
    (Nie wykryto groźnych plików)

    Zainfekowane pliki:
    (Nie wykryto groźnych plików)


    I'll post the next one when it finishes...
  • Computer specialist
    Just give the OTL and ComboFix logs, the rest is unnecessary.
  • Level 9
    Quote:
    OTL logfile created on: 2011-05-26 20:56:41 - Run 1
    OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\grze13\Moje dokumenty\Pobieranie
    Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

    2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,69% Memory free
    3,85 Gb Paging File | 3,12 Gb Available in Paging File | 80,98% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200,00 Gb Total Space | 184,79 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
    Drive D: | 365,75 Gb Total Space | 194,62 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
    Drive E: | 365,75 Gb Total Space | 54,18 Gb Free Space | 14,81% Space Free | Partition Type: NTFS

    Computer Name: F1B1DC7A8CA3433 | User Name: grze13 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011-05-26 20:55:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\grze13\Moje dokumenty\Pobieranie\OTL.exe
    PRC - [2011-05-05 14:44:38 | 013,345,376 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
    PRC - [2011-03-18 20:04:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2011-02-12 17:04:25 | 000,534,728 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files\Ad Muncher\AdMunch.exe
    PRC - [2008-04-14 18:51:36 | 000,421,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe
    PRC - [2008-04-14 18:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


    ========== Modules (SafeList) ==========

    MOD - [2011-05-26 20:55:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\grze13\Moje dokumenty\Pobieranie\OTL.exe
    MOD - [2011-02-12 17:04:25 | 000,072,192 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files\Ad Muncher\AM32-32300.dll
    MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - [2008-07-29 22:10:04 | 000,046,104 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
    SRV - [2008-07-25 12:16:40 | 000,034,312 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
    SRV - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [File_System | Unknown | Running] -- -- (DwProt)
    DRV - [2008-04-14 00:09:52 | 000,005,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
    DRV - [2008-04-13 20:02:38 | 000,066,048 | ---- | M] () [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
    DRV - [2006-08-04 10:29:24 | 000,043,904 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
    DRV - [2006-08-03 00:07:52 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2006-07-27 03:49:10 | 000,083,712 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2006-03-17 20:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
    DRV - [2006-02-07 13:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
    DRV - [2004-10-20 08:54:44 | 000,308,096 | R--- | M] (Animation Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvcap138.sys -- (LVCap138)
    DRV - [2004-10-20 08:54:42 | 000,014,464 | R--- | M] (Animation Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvtuner.sys -- (lvtuner)
    DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
    DRV - [2002-07-17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledItems: en-US(malpa)dictionaries.addons.mozilla.org:5.0.1
    FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: jqs(malpa)sun.com:1.0
    FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2011-02-12 17:04:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-04-28 20:15:50 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-28 20:15:49 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-04-29 19:05:02 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
    FF - HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2011-02-12 17:04:25 | 000,000,000 | ---D | M]

    [2011-02-13 18:36:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Extensions
    [2011-02-13 18:36:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2011-04-28 20:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions
    [2011-02-18 21:50:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011-04-01 19:11:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2011-04-28 20:12:21 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions\en-US@dictionaries.addons.mozilla.org
    [2011-02-13 21:54:49 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions\vshare@toolbar
    [2011-03-06 09:57:32 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\searchplugins\askcom.xml
    [2011-02-13 21:54:55 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\searchplugins\web-search.xml
    [2011-04-30 11:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011-04-24 23:55:35 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2011-02-12 18:57:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011-04-30 11:13:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    File not found (No name found) --
    [2011-02-12 17:04:25 | 000,000,000 | ---D | M] (Ad Muncher Browser Extensions) -- C:\PROGRAM FILES\AD MUNCHER\FIREFOXEXTENSION_2.0
    [2011-04-30 11:13:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011-03-18 20:04:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
    [2011-04-30 11:13:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010-12-09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
    [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
    [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
    [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
    [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
    [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
    [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

    O1 HOSTS File: ([2011-05-26 18:07:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O4 - HKLM..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
    O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
    O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\grze13\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\grze13\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011-02-09 22:29:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011-05-26 20:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\DoctorWeb
    [2011-05-26 19:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\Dane aplikacji\Malwarebytes
    [2011-05-26 19:25:13 | 000,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011-05-26 19:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
    [2011-05-26 19:25:11 | 000,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011-05-26 19:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011-05-26 19:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
    [2011-05-26 18:04:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2011-05-26 18:03:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011-05-26 18:03:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011-05-26 18:03:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011-05-26 18:03:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011-05-26 17:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011-05-26 17:53:35 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011-05-22 19:06:54 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2011-05-22 02:09:32 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2011-05-21 20:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\Pulpit\Hans_Solo-8-PL-2011-LbP
    [2011-05-19 09:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\Pulpit\hh
    [2011-05-16 20:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
    [2011-04-30 22:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Vu Games
    [2011-04-30 22:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\Dane aplikacji\InstallShield
    [2011-04-30 16:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grze13\Ustawienia lokalne\Dane aplikacji\Temp
    [2011-04-30 11:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2011-04-30 11:13:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011-04-30 11:13:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011-04-30 11:13:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011-04-30 11:13:53 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011-04-29 19:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRapid-0.85u1
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011-05-26 20:57:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{892F1F8D-537B-48B0-974E-394AD09CC842}.job
    [2011-05-26 20:57:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011-05-26 20:02:20 | 000,123,904 | ---- | M] () -- C:\Documents and Settings\grze13\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-05-26 19:25:13 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
    [2011-05-26 18:30:30 | 000,036,489 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\Bez nazwy 2 kopia.jpg
    [2011-05-26 18:10:06 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011-05-26 18:10:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011-05-26 18:07:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011-05-26 18:04:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2011-05-25 23:35:11 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2011-05-23 18:33:47 | 000,002,669 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Burning ROM 10.lnk
    [2011-05-22 19:06:54 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2011-05-22 14:15:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
    [2011-05-22 02:08:20 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011-05-22 02:08:13 | 000,490,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
    [2011-05-22 02:08:13 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011-05-22 02:08:13 | 000,083,880 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
    [2011-05-22 02:08:13 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011-05-19 09:23:42 | 000,002,711 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Vision 10.lnk
    [2011-05-17 11:12:03 | 000,000,354 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\Play Bloons Tower Defense 4 - NinjaKiwi.url
    [2011-05-16 10:17:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011-05-15 21:02:26 | 000,157,303 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\SL271853.jpg
    [2011-05-13 21:41:24 | 003,415,448 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\138 grafika.JPG
    [2011-05-04 19:13:46 | 001,321,881 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\SL271852.JPG
    [2011-05-04 12:36:36 | 005,295,742 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\firma_jara_my_feat_bas_tajpan_www.przeklej.pl.mp3
    [2011-04-30 23:16:37 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Zeus Pan Olimpu - Złota Edycja.lnk
    [2011-04-30 13:53:09 | 000,002,715 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart 10.lnk
    [2011-04-30 13:01:49 | 000,000,711 | ---- | M] () -- C:\Documents and Settings\grze13\Pulpit\Skrót do frd.lnk
    [2011-04-30 11:13:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011-04-30 11:13:43 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011-04-30 11:13:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011-04-30 11:13:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011-04-30 11:13:43 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011-04-28 20:43:46 | 000,000,489 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FarmHelper.lnk
    [2011-04-28 20:15:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
    [2011-04-28 20:11:37 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011-05-26 19:25:13 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
    [2011-05-26 18:30:29 | 000,036,489 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\Bez nazwy 2 kopia.jpg
    [2011-05-26 18:04:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2011-05-26 18:04:47 | 000,262,400 | RHS- | C] () -- C:\cmldr
    [2011-05-26 18:03:14 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011-05-26 18:03:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011-05-26 18:03:14 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011-05-26 18:03:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011-05-26 18:03:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011-05-17 11:11:52 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\Play Bloons Tower Defense 4 - NinjaKiwi.url
    [2011-05-15 21:02:24 | 000,157,303 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\SL271853.jpg
    [2011-05-15 20:57:11 | 001,321,881 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\SL271852.JPG
    [2011-05-13 21:41:23 | 003,415,448 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\138 grafika.JPG
    [2011-05-04 12:36:36 | 005,295,742 | ---- | C] () -- C:\Documents and Settings\grze13\Pulpit\firma_jara_my_feat_bas_tajpan_www.przeklej.pl.mp3
    [2011-04-30 23:16:37 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Zeus Pan Olimpu - Złota Edycja.lnk
    [2011-04-28 20:15:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
    [2011-04-25 17:23:33 | 000,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
    [2011-04-25 17:22:20 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe
    [2011-04-25 17:19:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\unL270_.dll
    [2011-04-24 23:57:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2011-03-04 00:28:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
    [2011-02-17 18:53:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011-02-16 20:21:40 | 000,009,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdralw2k.sys
    [2011-02-16 20:21:40 | 000,009,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
    [2011-02-12 14:43:20 | 000,119,741 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
    [2011-02-12 14:43:17 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
    [2011-02-10 21:48:56 | 000,123,904 | ---- | C] () -- C:\Documents and Settings\grze13\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-02-09 23:32:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2011-02-09 23:27:58 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\MSTEE.sys
    [2011-02-09 23:27:45 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2011-02-09 23:27:43 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2011-02-09 23:27:43 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2011-02-09 23:27:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2011-02-09 23:27:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2011-02-09 23:25:51 | 000,133,246 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2011-02-09 23:21:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2011-02-09 23:18:04 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011-02-09 22:40:17 | 000,019,697 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
    [2011-02-09 22:40:06 | 000,019,368 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2011-02-09 22:40:04 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
    [2011-02-09 22:39:58 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2011-02-09 22:34:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2011-02-09 22:27:36 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\bitsprx2.dll
    [2011-02-09 22:26:18 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2008-07-29 06:49:58 | 000,586,240 | ---- | C] () -- C:\WINDOWS\System32\icardres.dll.mui
    [2008-05-08 16:01:44 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\msfeedssync.exe
    [2008-04-14 19:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
    [2008-04-14 01:26:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\tunmp.sys
    [2008-04-13 20:26:50 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023.sys
    [2008-04-13 20:02:38 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\udfs.sys
    [2006-12-31 03:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2006-05-06 02:10:39 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
    [2001-10-26 14:15:16 | 000,490,628 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
    [2001-10-26 14:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
    [2001-10-26 14:15:16 | 000,083,880 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
    [2001-10-26 14:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
    [2001-08-23 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2001-08-23 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2001-08-17 19:50:58 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\smclib.sys
    [2001-08-17 19:30:24 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2001-08-17 19:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2001-08-17 19:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2001-08-17 19:30:22 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2001-08-17 19:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2001-07-21 20:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2001-07-21 20:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2001-07-21 20:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2001-07-07 04:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

    ========== LOP Check ==========

    [2011-02-12 17:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad Muncher
    [2011-02-10 00:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
    [2011-02-17 17:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
    [2011-02-21 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zylom
    [2011-04-28 20:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grze13\Dane aplikacji\Gadu-Gadu 10
    [2011-02-13 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grze13\Dane aplikacji\Thunderbird
    [2011-02-12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grze13\Dane aplikacji\VitySoft
    [2011-05-26 20:57:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{892F1F8D-537B-48B0-974E-394AD09CC842}.job

    ========== Purity Check ==========



    < End of report >
  • Computer specialist
    You were supposed to provide BOTH logs, from OTL and ComboFix, as an ATTACHMENT, and you can see for yourself what you posted and how. You need to try harder.
  • Level 9
    Quote:
    OTL Extras logfile created on: 2011-05-26 20:56:41 - Run 1
    OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\grze13\Moje dokumenty\Pobieranie
    Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

    2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,69% Memory free
    3,85 Gb Paging File | 3,12 Gb Available in Paging File | 80,98% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200,00 Gb Total Space | 184,79 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
    Drive D: | 365,75 Gb Total Space | 194,62 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
    Drive E: | 365,75 Gb Total Space | 54,18 Gb Free Space | 14,81% Space Free | Partition Type: NTFS

    Computer Name: F1B1DC7A8CA3433 | User Name: grze13 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
    "C:\FarmHelper\FVBot.exe" = C:\FarmHelper\FVBot.exe:*:Enabled:FVBot -- ()
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
    "C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
    "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
    "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0C171CF9-E6CB-427F-B1E8-55637C603586}_is1" = FarmHelper
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
    "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
    "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
    "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
    "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JRAID
    "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
    "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
    "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
    "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
    "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
    "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{6FF4B5E9-F1E8-4622-B97C-A1E5344F56AF}" = Zeus Pan Olimpu - Złota Edycja
    "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
    "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
    "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
    "{7ABE1621-5354-4136-A0EA-0BD9CD900B6B}" = Samsung USB Driver
    "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
    "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
    "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
    "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
    "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
    "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
    "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
    "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
    "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
    "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
    "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
    "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
    "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
    "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
    "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
    "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
    "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
    "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
    "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
    "{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.4 - Polish
    "{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
    "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
    "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
    "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
    "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
    "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
    "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
    "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
    "{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
    "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
    "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
    "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
    "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
    "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
    "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
    "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
    "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
    "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
    "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
    "Ad Muncher" = Ad Muncher v4.9 Build 32300
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
    "ALLPlayer_is1" = ALLPlayer V4.X
    "ATI Display Driver" = ATI Display Driver
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "Gadu-Gadu 10" = Gadu-Gadu 10
    "HP Imaging Device Functions" = HP Imaging Device Functions 7.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
    "HPExtendedCapabilities" = HP Customer Participation Program 7.0
    "HPOCR" = OCR Software by I.R.I.S 7.0
    "ie8" = Windows Internet Explorer 8
    "IrfanView" = IrfanView (remove only)
    "K!TV" = K!TV
    "KLiteCodecPack_is1" = K-Lite Codec Pack 3.6.5 Full
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 4.0 (x86 pl)" = Mozilla Firefox 4.0 (x86 pl)
    "Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
    "NapiProjekt_is1" = NapiProjekt 1.0.6.9
    "PDF Password Remover v3.1_is1" = PDF Password Remover v3.1
    "RealAlt_is1" = Real Alternative 1.51
    "SopCast" = SopCast 3.3.2
    "Winamp" = Winamp
    "WinRAR archiver" = WinRAR 4.00 (32-bitowy)

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Winamp Detect" = Detektor Winampa

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2011-03-13 17:15:35 | Computer Name = F1B1DC7A8CA3433 | Source = Application Error | ID = 1000
    Description = Aplikacja powodująca błąd winamp.exe, wersja 5.6.0.3091, moduł powodujący
    błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000101b3.

    Error - 2011-03-14 16:24:02 | Computer Name = F1B1DC7A8CA3433 | Source = Application Hang | ID = 1002
    Description = Aplikacja zawieszająca iexplore.exe, wersja 8.0.6001.18702, moduł
    zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

    Error - 2011-03-18 17:59:10 | Computer Name = F1B1DC7A8CA3433 | Source = Application Hang | ID = 1002
    Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5145, moduł
    zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

    [ System Events ]
    Error - 2011-05-22 04:35:48 | Computer Name = F1B1DC7A8CA3433 | Source = Dhcp | ID = 1000
    Description = Komputer utracił połączenie dla swojego adresu IP 10.1.1.3 na karcie
    sieciowej
    o adresie sieciowym 0018F308B129.

    Error - 2011-05-22 04:36:08 | Computer Name = F1B1DC7A8CA3433 | Source = W32Time | ID = 39452706
    Description = Usługa czas wykryła, że trzeba zmienić czas systemowy o -2591996 s.
    Usługa czasu nie zmieni czasu systemowego o więcej niż -54000 s. Sprawdź, czy czas
    i strefa czasowa są poprawne i czy źródło czasu time.windows.com (ntp.m|0x1|10.1.1.3:123->207.46.232.182:123)
    działa poprawnie.


    < End of report >
  • Level 27
    Hmmmmm. You know you posted the same thing? Trying harder doesn't mean quoting.
  • Level 9
    These are 2 different ones, you can already tell from the first line ;p It's my first time here and I don't know the etiquette well... but I feel I need to dig deeper, we're just wasting time.
  • Level 27
    Ah, sorry then, my oversight.
  • Computer specialist
    Uninstall:
    Google Toolbar for Internet Explorer
    Adobe Reader 9.4.4 - Polish -> Replace it with the latest version, X.

    Nothing interesting shows up in these logs.

    Run this script in OTL:

    :OTL
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
    [2011-02-13 21:54:49 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\extensions\vshare@toolbar
    [2011-03-06 09:57:32 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\searchplugins\askcom.xml
    [2011-02-13 21:54:55 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\grze13\Dane aplikacji\Mozilla\Firefox\Profiles\o0vhm4i3.default\searchplugins\web-search.xml
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0