
Please check the OTL logs


Please check the OTL logs

Post by pprzem19 » 09 Feb 2010, 14:14


Re: Please check the OTL logs

Post by mateo8898 » 09 Feb 2010, 18:06



Run OTL -> in the Custom Scans/Fixes box paste:
:OTL
MOD - [2010-02-09 12:52:46 | 000,085,504 | RHS- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\cvasds0.dll
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll File not found
O4 - HKU\S-1-5-21-1757981266-1979792683-682003330-1004..\Run: [cdoosoft] D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\herss.exe ()
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - J:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\Shell\AutoRun\command - "" = 2o1ajagt.exe
O33 - MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\Shell\open\Command - "" = 2o1ajagt.exe
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\sywyrl0q.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\sywyrl0q.exe -- File not found
O33 - MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\Shell\AutoRun\command - "" = L:\f.bat -- File not found
O33 - MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\Shell\open\Command - "" = L:\f.bat -- File not found
O33 - MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\Shell\AutoRun\command - "" = L:\ws.exe -- File not found
O33 - MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\Shell\open\Command - "" = L:\ws.exe -- File not found

:Files
D:\FOUND.000
D:\ws.exe
C:\ws.exe
E:\ws.exe
F:\ws.exe
G:\ws.exe
H:\ws.exe
I:\ws.exe
J:\ws.exe
D:\bveijo.exe
C:\bveijo.exe
E:\bveijo.exe
F:\bveijo.exe
G:\bveijo.exe
H:\bveijo.exe
I:\bveijo.exe
J:\bveijo.exe
C:\9d6tpg.exe
D:\9d6tpg.exe
E:\9d6tpg.exe
F:\9d6tpg.exe
G:\9d6tpg.exe
H:\9d6tpg.exe
I:\9d6tpg.exe
J:\9d6tpg.exe
C:\1hqup.exe
D:\1hqup.exe
E:\1hqup.exe
F:\1hqup.exe
G:\1hqup.exe
H:\1hqup.exe
I:\1hqup.exe
J:\1hqup.exe
C:\mvmdh.exe
D:\mvmdh.exe
E:\mvmdh.exe
F:\mvmdh.exe
G:\mvmdh.exe
H:\mvmdh.exe
I:\mvmdh.exe
J:\mvmdh.exe
C:\0fpdq2dw.exe
D:\0fpdq2dw.exe
E:\0fpdq2dw.exe
F:\0fpdq2dw.exe
G:\0fpdq2dw.exe
H:\0fpdq2dw.exe
I:\0fpdq2dw.exe
J:\0fpdq2dw.exe
C:\df.exe
D:\df.exe
E:\df.exe
F:\df.exe
G:\df.exe
H:\df.exe
I:\df.exe
J:\df.exe
C:\c2e.exe
D:\c2e.exe
E:\c2e.exe
F:\c2e.exe
G:\c2e.exe
H:\c2e.exe
I:\c2e.exe
J:\c2e.exe
C:\qkm.exe
D:\qkm.exe
E:\qkm.exe
F:\qkm.exe
G:\qkm.exe
H:\qkm.exe
I:\qkm.exe
J:\qkm.exe
C:\9fo3ar0j.exe
D:\9fo3ar0j.exe
E:\9fo3ar0j.exe
F:\9fo3ar0j.exe
G:\9fo3ar0j.exe
H:\9fo3ar0j.exe
I:\9fo3ar0j.exe
J:\9fo3ar0j.exe
C:\sywyrl0q.exe
D:\sywyrl0q.exe
E:\sywyrl0q.exe
F:\sywyrl0q.exe
G:\sywyrl0q.exe
H:\sywyrl0q.exe
I:\sywyrl0q.exe
J:\sywyrl0q.exe
C:\9xf8.exe
D:\9xf8.exe
E:\9xf8.exe
F:\9xf8.exe
G:\9xf8.exe
H:\9xf8.exe
I:\9xf8.exe
J:\9xf8.exe
C:\f.bat
D:\f.bat
E:\f.bat
F:\f.bat
G:\f.bat
H:\f.bat
I:\f.bat
J:\f.bat

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"RemoteControl"=-
"SoundMan"=-
"WinampAgent"=-

:Commands
[emptytemp]

Click Run Fix. Post the log from the removal + a new OTL log.

Disinfect your removable drives with Flash Disinfector, or format them.

Re: Please check the OTL logs

Post by pprzem19 » 09 Feb 2010, 19:47



I can't get onto www.wklej.eu, so I'm pasting it here:

Removal LOG:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1757981266-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\herss.exe moved successfully.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
F:\autorun.inf moved successfully.
G:\autorun.inf moved successfully.
H:\autorun.inf moved successfully.
I:\autorun.inf moved successfully.
J:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
File 2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
File 2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
File L:\sywyrl0q.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
File L:\sywyrl0q.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
File L:\f.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
File L:\f.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
File L:\ws.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
File L:\ws.exe not found.
========== FILES ==========
D:\FOUND.000 folder moved successfully.
D:\ws.exe moved successfully.
C:\ws.exe moved successfully.
E:\ws.exe moved successfully.
F:\ws.exe moved successfully.
G:\ws.exe moved successfully.
H:\ws.exe moved successfully.
I:\ws.exe moved successfully.
J:\ws.exe moved successfully.
D:\bveijo.exe moved successfully.
C:\bveijo.exe moved successfully.
E:\bveijo.exe moved successfully.
F:\bveijo.exe moved successfully.
G:\bveijo.exe moved successfully.
H:\bveijo.exe moved successfully.
I:\bveijo.exe moved successfully.
J:\bveijo.exe moved successfully.
C:\9d6tpg.exe moved successfully.
D:\9d6tpg.exe moved successfully.
E:\9d6tpg.exe moved successfully.
F:\9d6tpg.exe moved successfully.
G:\9d6tpg.exe moved successfully.
H:\9d6tpg.exe moved successfully.
I:\9d6tpg.exe moved successfully.
J:\9d6tpg.exe moved successfully.
C:\1hqup.exe moved successfully.
File\Folder D:\1hqup.exe not found.
E:\1hqup.exe moved successfully.
F:\1hqup.exe moved successfully.
G:\1hqup.exe moved successfully.
H:\1hqup.exe moved successfully.
I:\1hqup.exe moved successfully.
J:\1hqup.exe moved successfully.
C:\mvmdh.exe moved successfully.
D:\mvmdh.exe moved successfully.
E:\mvmdh.exe moved successfully.
F:\mvmdh.exe moved successfully.
G:\mvmdh.exe moved successfully.
H:\mvmdh.exe moved successfully.
I:\mvmdh.exe moved successfully.
J:\mvmdh.exe moved successfully.
C:\0fpdq2dw.exe moved successfully.
D:\0fpdq2dw.exe moved successfully.
E:\0fpdq2dw.exe moved successfully.
F:\0fpdq2dw.exe moved successfully.
G:\0fpdq2dw.exe moved successfully.
H:\0fpdq2dw.exe moved successfully.
I:\0fpdq2dw.exe moved successfully.
J:\0fpdq2dw.exe moved successfully.
C:\df.exe moved successfully.
D:\df.exe moved successfully.
E:\df.exe moved successfully.
F:\df.exe moved successfully.
G:\df.exe moved successfully.
H:\df.exe moved successfully.
I:\df.exe moved successfully.
J:\df.exe moved successfully.
C:\c2e.exe moved successfully.
D:\c2e.exe moved successfully.
E:\c2e.exe moved successfully.
F:\c2e.exe moved successfully.
G:\c2e.exe moved successfully.
H:\c2e.exe moved successfully.
I:\c2e.exe moved successfully.
J:\c2e.exe moved successfully.
C:\qkm.exe moved successfully.
D:\qkm.exe moved successfully.
E:\qkm.exe moved successfully.
F:\qkm.exe moved successfully.
G:\qkm.exe moved successfully.
H:\qkm.exe moved successfully.
I:\qkm.exe moved successfully.
J:\qkm.exe moved successfully.
C:\9fo3ar0j.exe moved successfully.
D:\9fo3ar0j.exe moved successfully.
E:\9fo3ar0j.exe moved successfully.
F:\9fo3ar0j.exe moved successfully.
G:\9fo3ar0j.exe moved successfully.
H:\9fo3ar0j.exe moved successfully.
I:\9fo3ar0j.exe moved successfully.
J:\9fo3ar0j.exe moved successfully.
C:\sywyrl0q.exe moved successfully.
D:\sywyrl0q.exe moved successfully.
E:\sywyrl0q.exe moved successfully.
F:\sywyrl0q.exe moved successfully.
G:\sywyrl0q.exe moved successfully.
H:\sywyrl0q.exe moved successfully.
I:\sywyrl0q.exe moved successfully.
J:\sywyrl0q.exe moved successfully.
C:\9xf8.exe moved successfully.
D:\9xf8.exe moved successfully.
E:\9xf8.exe moved successfully.
F:\9xf8.exe moved successfully.
G:\9xf8.exe moved successfully.
H:\9xf8.exe moved successfully.
I:\9xf8.exe moved successfully.
J:\9xf8.exe moved successfully.
C:\f.bat moved successfully.
D:\f.bat moved successfully.
E:\f.bat moved successfully.
F:\f.bat moved successfully.
G:\f.bat moved successfully.
H:\f.bat moved successfully.
I:\f.bat moved successfully.
J:\f.bat moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Przemek
->Temp folder emptied: 13909470 bytes
->Temporary Internet Files folder emptied: 124498 bytes
->FireFox cache emptied: 30074040 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2129157 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 315462 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 44,00 mb


OTL by OldTimer - Version 3.1.28.0 log created on 02092010_183136

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



NEW OTL LOG

OTL logfile created on: 2010-02-09 18:34:02 - Run 3
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 526,00 Mb Available Physical Memory | 69,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): D:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 18,62 Gb Total Space | 10,67 Gb Free Space | 57,32% Space Free | Partition Type: FAT32
Drive D: | 18,60 Gb Total Space | 13,55 Gb Free Space | 72,85% Space Free | Partition Type: FAT32
Drive E: | 18,62 Gb Total Space | 17,16 Gb Free Space | 92,13% Space Free | Partition Type: FAT32
Drive F: | 18,62 Gb Total Space | 18,61 Gb Free Space | 99,91% Space Free | Partition Type: FAT32
Drive G: | 18,63 Gb Total Space | 0,41 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive H: | 18,44 Gb Total Space | 2,84 Gb Free Space | 15,43% Space Free | Partition Type: FAT32
Drive I: | 18,44 Gb Total Space | 5,71 Gb Free Space | 30,99% Space Free | Partition Type: FAT32
Drive J: | 18,99 Gb Total Space | 7,10 Gb Free Space | 37,37% Space Free | Partition Type: FAT32

Computer Name: 294E10E81B86438
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
PRC - [2009-12-22 18:49:58 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006-03-02 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006-03-02 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2005-12-14 15:22:02 | 005,856,256 | ---- | M] () -- D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe
PRC - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-12-02 14:28:54 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2005-10-11 18:57:16 | 004,780,118 | ---- | M] (Ahead Software AG) -- D:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
PRC - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) -- D:\WINDOWS\system32\ati2evxx.exe
PRC - [2001-09-12 19:20:02 | 000,196,608 | ---- | M] (HP) -- D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
MOD - [2006-08-25 16:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- D:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)


========== Driver Services (SafeList) ==========

DRV - [2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-06-01 23:11:08 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-03-02 12:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-12-02 15:05:54 | 000,083,968 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2005-12-02 15:04:36 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2005-12-02 15:03:28 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2005-12-02 15:01:32 | 000,021,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-10-20 12:05:00 | 000,282,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rtl8185.sys -- (rtl8185)
DRV - [2005-08-03 16:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-10-02 09:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2006-12-28 09:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2006-12-28 09:53:54 | 000,000,000 | ---D | M]

[2010-01-15 11:21:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Extensions
[2006-12-28 09:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\esbemnus.default\extensions
[2006-12-28 09:53:54 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk = D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-01-03 20:53:02 | 000,000,133 | ---- | M] () - C:\Autoexec.bat -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-09 18:31:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-02-09 12:17:52 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Przemek\Recent
[2010-02-09 11:34:00 | 000,036,176 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2010-02-09 11:34:00 | 000,016,352 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2010-02-09 11:33:59 | 000,021,840 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2010-02-09 11:33:58 | 000,085,760 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2010-02-09 11:33:58 | 000,083,968 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2010-02-09 11:33:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MFC71.dll
[2010-02-09 11:33:54 | 000,499,712 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCP71.dll
[2010-02-09 11:33:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCR71.dll
[2010-02-09 11:33:54 | 000,090,112 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\AVASTSS.scr
[2010-02-09 11:33:53 | 000,000,000 | ---D | C] -- D:\Program Files\Alwil Software
[2010-02-02 15:31:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\GTA Vice City User Files
[2010-02-02 15:24:15 | 000,000,000 | ---D | C] -- D:\Program Files\GTA Vice City
[2010-02-01 19:07:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Nowy folder
[2010-01-21 13:04:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2010-01-21 13:04:33 | 000,031,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbccgp.sys
[2010-01-20 13:04:41 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2010-01-16 13:54:59 | 000,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbstor.sys
[2010-01-15 21:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\cache
[2010-01-15 21:02:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-15 21:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\OpenFM
[2010-01-15 21:02:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Gadu-Gadu 10
[2010-01-15 19:17:01 | 000,000,000 | ---D | C] -- D:\Program Files\TopCD
[2010-01-15 14:28:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\AdCache
[2010-01-15 14:28:10 | 000,000,000 | ---D | C] -- D:\Program Files\FlashGet
[2010-01-15 11:39:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
[2010-01-15 11:30:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\My Games
[2010-01-15 11:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Macromedia
[2010-01-15 10:46:26 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:11 | 000,282,240 | ---- | C] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\rtl8185.sys
[2010-01-15 10:46:11 | 000,013,532 | ---- | C] (Windows (R) 2000 DDK provider) -- D:\WINDOWS\System32\drivers\SjyPkt.sys
[2010-01-15 10:46:09 | 000,000,000 | ---D | C] -- D:\Program Files\Nonbrand
[2006-12-28 09:51:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:51:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

========== Files - Modified Within 30 Days ==========

[2010-02-09 18:32:40 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-02-09 18:32:38 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-02-09 18:31:56 | 003,407,872 | -H-- | M] () -- D:\Documents and Settings\Przemek\NTUSER.DAT
[2010-02-09 18:31:52 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\Przemek\ntuser.ini
[2010-02-09 18:28:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010-02-09 17:22:32 | 000,091,136 | RHS- | M] () -- D:\9qqigqwf.exe
[2010-02-09 15:43:58 | 004,270,352 | -H-- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-09 13:17:44 | 000,013,824 | ---- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-09 12:52:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-09 12:01:38 | 000,000,133 | ---- | M] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:02 | 000,001,623 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:34:00 | 000,002,645 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-02-08 18:47:10 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-02-07 16:23:34 | 000,001,065 | ---- | M] () -- D:\WINDOWS\winamp.ini
[2010-02-06 18:48:22 | 000,000,030 | ---- | M] () -- D:\WINDOWS\TextSpy.ini
[2010-02-01 19:01:18 | 000,000,567 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 17:04:34 | 003,926,801 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:06:08 | 000,027,708 | ---- | M] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:44 | 000,001,462 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-19 15:16:04 | 000,000,498 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:10 | 000,001,703 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk

========== Files Created - No Company Name ==========

[2010-02-09 17:22:57 | 000,091,136 | RHS- | C] () -- D:\9qqigqwf.exe
[2010-02-09 12:01:36 | 000,000,133 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:00 | 000,001,623 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:33:54 | 000,478,208 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2010-02-09 11:33:54 | 000,380,928 | ---- | C] () -- D:\WINDOWS\System32\actskin4.ocx
[2010-02-01 19:01:17 | 000,000,567 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 16:56:22 | 003,926,801 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:05:34 | 000,027,708 | ---- | C] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:42 | 000,001,462 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-15 10:46:09 | 000,001,703 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk
[2006-12-28 14:02:13 | 000,001,065 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2006-12-28 14:02:12 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\AudioExCtl.dll
[2006-12-28 13:44:59 | 000,765,952 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2006-12-28 13:44:59 | 000,180,224 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2006-12-28 13:22:55 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006-12-28 13:22:54 | 000,013,824 | ---- | C] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-28 12:46:22 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2006-12-28 12:29:02 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini
[2006-12-28 12:28:58 | 000,156,672 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2006-12-28 09:28:49 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2006-12-28 09:26:40 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006-06-01 23:10:25 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2006-06-01 23:06:32 | 000,012,288 | ---- | C] () -- D:\WINDOWS\System32\DivXWMPExtType.dll
< End of report >

Re: Please check my OTL logs

Post by pprzem19 » 09 Feb 2010, 19:48

I also have 2 suspicious files on my drives, namely 9qqigqwf.exe and Ic.exe

Re: Please check my OTL logs

Post by mateo8898 » 09 Feb 2010, 20:23

Run OTL -> paste the following into the Custom Scans/Fixes window:
:OTL

:Files
C:\9qqigqwf.exe
D:\9qqigqwf.exe
E:\9qqigqwf.exe
F:\9qqigqwf.exe
G:\9qqigqwf.exe
H:\9qqigqwf.exe
I:\9qqigqwf.exe
J:\9qqigqwf.exe
C:\Ic.exe
D:\Ic.exe
E:\Ic.exe
F:\Ic.exe
G:\Ic.exe
H:\Ic.exe
I:\Ic.exe
J:\Ic.exe

Click Run Fix. Post the removal log + a new OTL log.

Re: Please check my OTL logs

Post by pprzem19 » 09 Feb 2010, 21:41

REMOVAL LOG

========== OTL ==========
========== FILES ==========
C:\9qqigqwf.exe moved successfully.
D:\9qqigqwf.exe moved successfully.
E:\9qqigqwf.exe moved successfully.
F:\9qqigqwf.exe moved successfully.
G:\9qqigqwf.exe moved successfully.
H:\9qqigqwf.exe moved successfully.
I:\9qqigqwf.exe moved successfully.
J:\9qqigqwf.exe moved successfully.
File\Folder C:\Ic.exe not found.
File\Folder D:\Ic.exe not found.
File\Folder E:\Ic.exe not found.
File\Folder F:\Ic.exe not found.
File\Folder G:\Ic.exe not found.
File\Folder H:\Ic.exe not found.
File\Folder I:\Ic.exe not found.
File\Folder J:\Ic.exe not found.

OTL by OldTimer - Version 3.1.28.0 log created on 02092010_203605


NEW OTL LOG

OTL logfile created on: 2010-02-09 20:37:38 - Run 4
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 492,00 Mb Available Physical Memory | 64,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): D:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 18,62 Gb Total Space | 10,67 Gb Free Space | 57,32% Space Free | Partition Type: FAT32
Drive D: | 18,60 Gb Total Space | 13,54 Gb Free Space | 72,76% Space Free | Partition Type: FAT32
Drive E: | 18,62 Gb Total Space | 17,16 Gb Free Space | 92,13% Space Free | Partition Type: FAT32
Drive F: | 18,62 Gb Total Space | 18,60 Gb Free Space | 99,91% Space Free | Partition Type: FAT32
Drive G: | 18,63 Gb Total Space | 0,41 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive H: | 18,44 Gb Total Space | 2,84 Gb Free Space | 15,43% Space Free | Partition Type: FAT32
Drive I: | 18,44 Gb Total Space | 5,71 Gb Free Space | 30,99% Space Free | Partition Type: FAT32
Drive J: | 18,99 Gb Total Space | 7,10 Gb Free Space | 37,37% Space Free | Partition Type: FAT32

Computer Name: 294E10E81B86438
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
PRC - [2009-12-22 18:49:58 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006-03-02 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006-03-02 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2005-12-14 15:22:02 | 005,856,256 | ---- | M] () -- D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe
PRC - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-12-02 14:28:54 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) -- D:\WINDOWS\system32\ati2evxx.exe
PRC - [2001-09-12 19:20:02 | 000,196,608 | ---- | M] (HP) -- D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
MOD - [2006-08-25 16:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- D:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)


========== Driver Services (SafeList) ==========

DRV - [2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-06-01 23:11:08 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-03-02 12:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-12-02 15:05:54 | 000,083,968 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2005-12-02 15:04:36 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2005-12-02 15:03:28 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2005-12-02 15:01:32 | 000,021,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-10-20 12:05:00 | 000,282,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rtl8185.sys -- (rtl8185)
DRV - [2005-08-03 16:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-10-02 09:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2006-12-28 09:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2006-12-28 09:53:54 | 000,000,000 | ---D | M]

[2010-01-15 11:21:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Extensions
[2006-12-28 09:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\esbemnus.default\extensions
[2006-12-28 09:53:54 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk = D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-01-03 20:53:02 | 000,000,133 | ---- | M] () - C:\Autoexec.bat -- [ FAT32 ]
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\9fo3ar0j.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-09 18:52:29 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Przemek\Recent
[2010-02-09 18:31:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-02-09 11:34:00 | 000,036,176 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2010-02-09 11:34:00 | 000,016,352 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2010-02-09 11:33:59 | 000,021,840 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2010-02-09 11:33:58 | 000,085,760 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2010-02-09 11:33:58 | 000,083,968 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2010-02-09 11:33:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MFC71.dll
[2010-02-09 11:33:54 | 000,499,712 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCP71.dll
[2010-02-09 11:33:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCR71.dll
[2010-02-09 11:33:54 | 000,090,112 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\AVASTSS.scr
[2010-02-09 11:33:53 | 000,000,000 | ---D | C] -- D:\Program Files\Alwil Software
[2010-02-02 15:31:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\GTA Vice City User Files
[2010-02-02 15:24:15 | 000,000,000 | ---D | C] -- D:\Program Files\GTA Vice City
[2010-02-01 19:07:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Nowy folder
[2010-01-21 13:04:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2010-01-21 13:04:33 | 000,031,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbccgp.sys
[2010-01-20 13:04:41 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2010-01-16 13:54:59 | 000,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbstor.sys
[2010-01-15 21:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\cache
[2010-01-15 21:02:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-15 21:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\OpenFM
[2010-01-15 21:02:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Gadu-Gadu 10
[2010-01-15 19:17:01 | 000,000,000 | ---D | C] -- D:\Program Files\TopCD
[2010-01-15 14:28:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\AdCache
[2010-01-15 14:28:10 | 000,000,000 | ---D | C] -- D:\Program Files\FlashGet
[2010-01-15 11:39:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
[2010-01-15 11:30:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\My Games
[2010-01-15 11:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Macromedia
[2010-01-15 10:46:26 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:11 | 000,282,240 | ---- | C] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\rtl8185.sys
[2010-01-15 10:46:11 | 000,013,532 | ---- | C] (Windows (R) 2000 DDK provider) -- D:\WINDOWS\System32\drivers\SjyPkt.sys
[2010-01-15 10:46:09 | 000,000,000 | ---D | C] -- D:\Program Files\Nonbrand
[2006-12-28 09:51:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:51:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

========== Files - Modified Within 30 Days ==========

[2010-02-09 20:34:58 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-02-09 20:34:56 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-02-09 19:16:44 | 003,407,872 | -H-- | M] () -- D:\Documents and Settings\Przemek\NTUSER.DAT
[2010-02-09 19:16:44 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\Przemek\ntuser.ini
[2010-02-09 18:58:14 | 004,798,580 | -H-- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-09 18:28:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010-02-09 13:17:44 | 000,013,824 | ---- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-09 12:52:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-09 12:01:38 | 000,000,133 | ---- | M] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:02 | 000,001,623 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:34:00 | 000,002,645 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-02-08 18:47:10 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-02-07 16:23:34 | 000,001,065 | ---- | M] () -- D:\WINDOWS\winamp.ini
[2010-02-06 18:48:22 | 000,000,030 | ---- | M] () -- D:\WINDOWS\TextSpy.ini
[2010-02-01 19:01:18 | 000,000,567 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 17:04:34 | 003,926,801 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:06:08 | 000,027,708 | ---- | M] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:44 | 000,001,462 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-19 15:16:04 | 000,000,498 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:10 | 000,001,703 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk

========== Files Created - No Company Name ==========

[2010-02-09 12:01:36 | 000,000,133 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:00 | 000,001,623 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:33:54 | 000,478,208 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2010-02-09 11:33:54 | 000,380,928 | ---- | C] () -- D:\WINDOWS\System32\actskin4.ocx
[2010-02-01 19:01:17 | 000,000,567 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 16:56:22 | 003,926,801 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:05:34 | 000,027,708 | ---- | C] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:42 | 000,001,462 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-15 10:46:09 | 000,001,703 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk
[2006-12-28 14:02:13 | 000,001,065 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2006-12-28 14:02:12 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\AudioExCtl.dll
[2006-12-28 13:44:59 | 000,765,952 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2006-12-28 13:44:59 | 000,180,224 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2006-12-28 13:22:55 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006-12-28 13:22:54 | 000,013,824 | ---- | C] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-28 12:46:22 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2006-12-28 12:29:02 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini
[2006-12-28 12:28:58 | 000,156,672 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2006-12-28 09:28:49 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2006-12-28 09:26:40 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006-06-01 23:10:25 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2006-06-01 23:06:32 | 000,012,288 | ---- | C] () -- D:\WINDOWS\System32\DivXWMPExtType.dll
< End of report >

Re: Please check my OTL logs

Post by mateo8898 » 09 Feb 2010, 23:36

Run OTL -> paste the following into the Custom Scans/Fixes window:
:OTL
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\9fo3ar0j.exe -- File not found

Click Run Fix. Then:

In OTL, click CleanUp

Clean the disk and the registry with CCleaner

Turn System Restore off and back on for all drives -> Instructions: http://support.microsoft.com/kb/310405/pll/

Run a full scan with Malwarebytes' Anti-Malware - if it finds anything, remove it and post the report

Re: Please check my OTL logs

Post by pprzem19 » 10 Feb 2010, 10:18

Malwarebytes' Anti-Malware log

http://www.wklej.eu/index.php?id=09b8030646

Re: Please check my OTL logs

Post by mateo8898 » 10 Feb 2010, 16:50

OK, also empty the Malwarebytes quarantine.