Wiko, posted 25 July 2012 (edited)

Hello! I have the same problem as quite a lot of users. I tried to read all the information I could find about removing this WEELSOF virus. I admit that I used ComboFix, of course to no effect. Please forgive my mistakes, but I am over 50 (I mean age, not percent) and I am still not very good with computers. I deleted the logs from that ComboFix run earlier. I tried to remove all unnecessary programs. If I made any mistakes, I ask for forgiveness and for help.

I wanted to add that my system is XP Home.

I poked around a bit more with GMER and am attaching another file.

Regards

Attachments: OTL.Txt, Extras.Txt, Gmer.txt.txt

Edited 25 July 2012 by Wiko
picasso, posted 26 July 2012

1. Run OTL and paste the following into the "Własne opcje skanowania / skrypt" (custom scan options / script) section:

:OTL
O4 - HKLM..\Run: [WWanAPI] C:\Documents and Settings\wiktorek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1308\WWanAPI.exe ()

:Files
C:\Documents and Settings\wiktorek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1308
C:\Documents and Settings\wiktorek\Dane aplikacji\hellomoto
C:\Program Files\mozilla firefox\searchplugins\v9.xml

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=-
"Start Page"="about:blank"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"

:Commands
[emptytemp]

Note for other readers: this script is unique, tailored solely to this system; please do not use it on your own systems.

Click "Wykonaj skrypt" (run script). The system will be restarted (and unlocked), and a log with the removal results will open.

2. Right away, uninstall the archaic program Spybot - Search & Destroy 1.4 via Control Panel.

3. Make a new OTL log using the "Skanuj" (scan) option (this time without Extras). Attach the OTL removal log from step 1.
Wiko (author), posted 26 July 2012

I have uninstalled Spybot - Search & Destroy 1.4.

Unfortunately I cannot attach the log files.

1. Removal log: I get a message that I do not have permission to upload this type of file, so I copied and pasted it below:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WWanAPI deleted successfully.
C:\Documents and Settings\wiktorek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1308\WWanAPI.exe moved successfully.
========== FILES ==========
C:\Documents and Settings\wiktorek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1308 folder moved successfully.
C:\Documents and Settings\wiktorek\Dane aplikacji\hellomoto folder moved successfully.
C:\Program Files\mozilla firefox\searchplugins\v9.xml moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 942922 bytes
->FireFox cache emptied: 67600961 bytes
->Flash cache emptied: 670 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: wiktorek
->Temp folder emptied: 815140 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->FireFox cache emptied: 106502777 bytes
->Flash cache emptied: 1324 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2238838 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 170,00 mb

OTL by OldTimer - Version 3.2.54.1 log created on 07262012_075325

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

2. OTL log from the rescan: it does not show up under the "add files" option in the location where it was saved, so I copied and pasted it.

picasso Posted 27 July 2012

Everything is done and we are wrapping this up:

1. In OTL run Sprzątanie (CleanUp), which will delete OTL from the disk along with its quarantine. Using SHIFT+DEL, delete these folders:

C:\WINDOWS\erdnt
C:\Documents and Settings\Administrator\Dane aplikacji\ArcaVirMicroScan

2. Clean out the System Restore folders: CLICK.

3. Just in case, also run a scan with Malwarebytes Anti-Malware. Post the results if it detects anything.

4. Basic updates: CLICK. Specifically, this concerns these entries from your list of installed programs:

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4
"{31BFEC6C-1F27-45B5-839C-BCBAE327993A}" = OpenOffice.org 3.0
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

Wiko (Author) Posted 27 July 2012

Thank you for the help

1. Cleanup done and folders deleted
2. System Restore folders cleaned out
3. Scan done, nothing detected
4. Java updated
5. Open Office - a message that it could not check for updates
6. Adobe Reader - a message that there are no updates
7. Adobe Flash Player - updated

Thank you once again for the help

picasso Posted 27 July 2012

> 5. Open Office - a message that it could not check for updates

Then don't check for them. Just download the latest installer and install it over the current version.

> 6. Adobe Reader - a message that there are no updates

I listed which version you have on the system; compare it with the latest one given in that topic. Yes, there is no notification that an update is available, because version 9 does not announce version 10 at all. This is a matter of too big a jump between editions, and the responses concern only the old 9 branch. You need to completely uninstall the current Adobe Reader and install the latest version X.

Wiko (Author) Posted 27 July 2012

Oh, silly me. I'm downloading and installing it now. Thank you