OTL.Txt

Windows XP - computer and internet slowdown

Hello. For some time now my laptop has been running very slowly; web pages often take forever to open and sometimes freeze. I regularly scan and clean the system (Malwarebytes Anti-Malware, CCleaner, Odkurzacz, Wise Registry Cleaner).


OTL logfile created on: 14-02-25 20:13:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Moje dokumenty\Downloads

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd



1021,98 Mb Total Physical Memory | 478,61 Mb Available Physical Memory | 46,83% Memory free

2,40 Gb Paging File | 2,01 Gb Available in Paging File | 83,56% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 53,71 Gb Total Space | 19,30 Gb Free Space | 35,93% Space Free | Partition Type: NTFS

Drive D: | 58,07 Gb Total Space | 11,46 Gb Free Space | 19,73% Space Free | Partition Type: NTFS

Drive F: | 33,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS



Computer Name: USER-44FC016575 | User Name: user | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days



[color=#E56717]========== Processes (SafeList) ==========[/color]



PRC - [2014-02-24 23:16:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\Downloads\OTL.exe

PRC - [2013-12-18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2013-10-29 19:41:33 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe

PRC - [2013-10-29 19:41:05 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe

PRC - [2013-08-27 15:57:34 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012-07-09 01:32:36 | 005,834,240 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\aero2-bdi_ustawienia_top-netinfo\top_netinfo.exe

PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe

PRC - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe





[color=#E56717]========== Modules (No Company Name) ==========[/color]



MOD - [2013-12-18 19:43:08 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL

MOD - [2013-10-29 19:41:33 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe

MOD - [2013-10-29 19:41:15 | 000,190,464 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XFramePlugin.dll

MOD - [2013-10-29 19:41:15 | 000,159,232 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XCodec.dll

MOD - [2013-10-29 19:41:15 | 000,106,496 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Win7Support.dll

MOD - [2013-10-29 19:41:14 | 000,808,960 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SMSUIPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,384,512 | ---- | M] () -- C:\Program Files\PLAY ONLINE\USSDUIPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,310,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\StatusBarMgrPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,240,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ToolBarMgrPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,217,600 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsSrvPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,156,672 | ---- | M] () -- C:\Program Files\PLAY ONLINE\STKSrvPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,142,336 | ---- | M] () -- C:\Program Files\PLAY ONLINE\USSDSrvPlugin.dll

MOD - [2013-10-29 19:41:14 | 000,135,168 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Trace.dll

MOD - [2013-10-29 19:41:13 | 001,148,416 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtNetwork4.dll

MOD - [2013-10-29 19:41:13 | 000,670,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsAppPlugin.dll

MOD - [2013-10-29 19:41:13 | 000,261,632 | ---- | M] () -- C:\Program Files\PLAY ONLINE\sdk.dll

MOD - [2013-10-29 19:41:12 | 009,515,520 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtGui4.dll

MOD - [2013-10-29 19:41:12 | 000,370,176 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qtiff4.dll

MOD - [2013-10-29 19:41:10 | 002,415,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtCore4.dll

MOD - [2013-10-29 19:41:10 | 000,381,952 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Proxy.dll

MOD - [2013-10-29 19:41:10 | 000,350,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qmng4.dll

MOD - [2013-10-29 19:41:10 | 000,192,000 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qjpeg4.dll

MOD - [2013-10-29 19:41:10 | 000,082,944 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qgif4.dll

MOD - [2013-10-29 19:41:10 | 000,081,920 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qico4.dll

MOD - [2013-10-29 19:41:09 | 000,545,280 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PluginContainer.dll

MOD - [2013-10-29 19:41:09 | 000,483,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoUIExPlugin.dll

MOD - [2013-10-29 19:41:09 | 000,333,312 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectPlugin.dll

MOD - [2013-10-29 19:41:09 | 000,278,528 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoSrvPlugin.dll

MOD - [2013-10-29 19:41:09 | 000,235,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetSrvPlugin.dll

MOD - [2013-10-29 19:41:09 | 000,158,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectSrvPlugin.dll

MOD - [2013-10-29 19:41:09 | 000,133,120 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSDialup.dll

MOD - [2013-10-29 19:41:09 | 000,131,072 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSNDIS.dll

MOD - [2013-10-29 19:41:09 | 000,101,376 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSAdapt.dll

MOD - [2013-10-29 19:41:09 | 000,093,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NotifyServicePlugin.dll

MOD - [2013-10-29 19:41:09 | 000,065,536 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSPowerMgr.dll

MOD - [2013-10-29 19:41:09 | 000,062,976 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSCall.dll

MOD - [2013-10-29 19:41:08 | 001,101,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISAPI.dll

MOD - [2013-10-29 19:41:08 | 000,334,848 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MainpagePlugin.dll

MOD - [2013-10-29 19:41:08 | 000,269,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LiveUpdateInterface.dll

MOD - [2013-10-29 19:41:08 | 000,249,344 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MenuMgrPlugin.dll

MOD - [2013-10-29 19:41:08 | 000,180,224 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISPlugin.dll

MOD - [2013-10-29 19:41:08 | 000,118,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LayoutPlugin.dll

MOD - [2013-10-29 19:41:08 | 000,043,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\libgcc_s_dw2-1.dll

MOD - [2013-10-29 19:41:08 | 000,011,362 | ---- | M] () -- C:\Program Files\PLAY ONLINE\mingwm10.dll

MOD - [2013-10-29 19:41:07 | 000,495,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceMgrUIPlugin.dll

MOD - [2013-10-29 19:41:07 | 000,428,032 | ---- | M] () -- C:\Program Files\PLAY ONLINE\core.dll

MOD - [2013-10-29 19:41:07 | 000,427,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialupUIPlugin.dll

MOD - [2013-10-29 19:41:07 | 000,338,432 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceAppPlugin.dll

MOD - [2013-10-29 19:41:07 | 000,301,056 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceSrvPlugin.dll

MOD - [2013-10-29 19:41:07 | 000,218,112 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Common.dll

MOD - [2013-10-29 19:41:07 | 000,211,968 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialUpPlugin.dll

MOD - [2013-10-29 19:41:07 | 000,157,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DataServicePlugin.dll

MOD - [2013-10-29 19:41:06 | 001,077,248 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,739,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookUIPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,550,400 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallAppPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,547,840 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallLogSrvPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,264,704 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookSrvPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,238,080 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AtCodec.dll

MOD - [2013-10-29 19:41:06 | 000,176,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallSrvPlugin.dll

MOD - [2013-10-29 19:41:06 | 000,123,392 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ATR2SMgr.dll

MOD - [2013-10-29 19:41:05 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe

MOD - [2013-10-15 13:44:12 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll

MOD - [2013-10-15 13:44:12 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtXml4.dll

MOD - [2013-10-15 13:44:12 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll

MOD - [2013-10-15 13:44:09 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtCore4.dll

MOD - [2013-10-15 13:44:08 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\mingwm10.dll

MOD - [2013-10-15 13:44:07 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll

MOD - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

MOD - [2012-07-09 01:32:36 | 005,834,240 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\aero2-bdi_ustawienia_top-netinfo\top_netinfo.exe

MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe

MOD - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe





[color=#E56717]========== Services (SafeList) ==========[/color]



SRV - File not found [Auto | Stopped] -- C:\Program Files\FindRight\updateFindRight.exe -- (Update FindRight)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2014-02-22 23:33:18 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013-12-18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2013-10-29 19:41:05 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)

SRV - [2013-08-27 15:57:34 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)

SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012-07-17 14:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)

SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)

SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2009-01-21 14:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)

SRV - [2009-01-07 13:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)

SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)





[color=#E56717]========== Driver Services (SafeList) ==========[/color]



DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2013-10-29 19:41:16 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV - [2013-10-29 19:41:16 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)

DRV - [2013-10-29 19:41:16 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV - [2013-10-29 19:41:16 | 000,067,584 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)

DRV - [2013-10-29 19:41:16 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)

DRV - [2013-10-29 19:41:16 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV - [2013-10-29 19:41:15 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2013-02-21 22:02:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2013-02-17 09:10:32 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2011-06-02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)

DRV - [2010-09-11 19:33:47 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2010-09-11 19:33:46 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)

DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)

DRV - [2009-11-12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009-03-19 09:40:10 | 000,009,216 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)

DRV - [2009-03-06 16:45:06 | 000,130,424 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)

DRV - [2009-02-10 17:23:02 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ISODrive.sys -- (ISODrive)

DRV - [2008-11-17 15:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)

DRV - [2008-04-13 18:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2007-11-29 10:39:52 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2007-11-29 10:39:42 | 000,016,896 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2007-11-29 10:39:42 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2007-11-29 10:39:40 | 000,019,328 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007-06-18 15:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2007-05-04 14:14:52 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)

DRV - [2006-08-29 13:12:28 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2006-08-29 13:11:08 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2006-08-29 13:10:56 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2006-07-27 13:44:42 | 000,581,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)

DRV - [2006-07-05 13:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01a.sys -- (sfdrv01a)

DRV - [2006-06-14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)

DRV - [2005-12-22 17:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2005-11-16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2005-11-01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2004-08-03 21:32:24 | 000,010,880 | ---- | M] (Aureal, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\admjoy.sys -- (admjoy)

DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk)

DRV - [2001-08-17 20:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)





[color=#E56717]========== Standard Registry (SafeList) ==========[/color]





[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}

IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{2D1F0AD8-41FA-4778-8303-DFC930DFE114}: "URL" = http://www.idg.pl?q={searchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?FORM=UP62DF&PC=UP62&q={searchTerms}&src=IE-SearchBox

IE - HKCU\..\SearchScopes\{7E980EF8-2B55-4B97-BE52-E7AF943BDF80}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7PRFA_pl

IE - HKCU\..\SearchScopes\{B4574688-64A0-42C5-A086-F9D853635EEE}: "URL" = http://www.idg.pl?q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0





[color=#E56717]========== FireFox ==========[/color]



FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: File not found



FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-07 10:36:36 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-16 09:02:42 | 000,000,000 | ---D | M]



[2013-08-10 21:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions

[2011-12-26 14:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com

[2013-04-23 21:07:26 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com

[2013-09-17 22:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\extensions

[2013-06-26 18:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\extensions\ftd@ftd.com.xpi

[2013-08-08 13:07:04 | 000,249,988 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi

[2013-08-13 21:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions



[color=#E56717]========== Chrome ==========[/color]



CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - plugin: Error reading preferences file

CHR - Extension: Dokumenty Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Dysk Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Szukaj w Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: RealDownloader = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_1\

CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: Gmail = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\



O1 HOSTS File: ([2014-01-06 23:16:43 | 000,000,029 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {53504356-3700-A76A-76A7-7A786E7484D7} - No CLSID value found.

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe ()

O4 - Startup: C:\Documents and Settings\user\Menu Start\Programy\Autostart\top_netinfo.lnk = C:\Documents and Settings\user\Moje dokumenty\aero2-bdi_ustawienia_top-netinfo\top_netinfo.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0

O8 - Extra context menu item: Pobierz plik wideo w FDM - C:\Program Files\Free Download Manager\dlfvideo.htm ()

O8 - Extra context menu item: Pobierz w FDM - C:\Program Files\Free Download Manager\dllink.htm ()

O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - C:\Program Files\Free Download Manager\dlall.htm ()

O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - C:\Program Files\Free Download Manager\dlselected.htm ()

O15 - HKCU\..Trusted Domains: chomikuj.pl ([]http in Zaufane witryny)

O15 - HKCU\..Trusted Domains: doakcji.pl ([www] http in Zaufane witryny)

O15 - HKCU\..Trusted Domains: doakcji.pl ([www] https in Zaufane witryny)

O15 - HKCU\..Trusted Domains: mks.com.pl ([]http in Zaufane witryny)

O15 - HKCU\..Trusted Domains: mks.com.pl ([]https in Zaufane witryny)

O15 - HKCU\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)

O15 - HKCU\..Trusted Domains: pps.tv ([]http in Zaufane witryny)

O15 - HKCU\..Trusted Domains: ppstream.com ([]http in Zaufane witryny)

O15 - HKCU\..Trusted Domains: webscache.com ([]http in Zaufane witryny)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342591411656 (MUWebControl Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34C28612-2A04-4BFA-B77E-286F4E805AC5}: NameServer = 193.41.112.14 193.41.112.18

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-01-26 12:14:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2013-09-14 06:50:49 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2012-12-16 15:16:05 | 000,000,000 | ---D | M] - D:\Automapy -- [ NTFS ]

O32 - AutoRun File - [2013-09-14 19:19:56 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011-03-15 08:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2008-10-11 10:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKCU\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)



[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]



[2014-02-25 20:09:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent

[2014-02-23 17:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\FindRight

[2014-02-22 16:46:29 | 000,000,000 | ---D | C] -- C:\FRST

[2014-02-22 07:50:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\GG dysk

[2014-02-22 07:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\GG

[2014-02-22 07:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG

[2014-02-21 16:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES

[2014-02-21 16:16:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programy\Medal of Honor

[2014-02-21 16:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Honor_pol

[2014-02-21 15:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help

[2014-02-21 15:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help

[2014-02-21 15:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Medal of Honor Breakthrough

[2014-02-20 19:07:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\ESET

[2014-02-20 16:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\WiseUpdate

[2014-02-18 16:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Nowy folder

[2014-02-16 09:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET

[2014-02-16 09:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2014-02-16 09:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2014-02-13 10:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programy\HiJackThis

[2014-02-03 22:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programy\Call of Duty

[2014-02-03 22:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Lavasoft

[2014-02-03 22:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\GetRightToGo

[2014-02-03 22:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\FlashgetSetup

[2014-02-03 22:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\EurekaLog

[2014-02-03 22:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programy\Internet Download Manager

[2014-02-03 22:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager

[2014-02-03 22:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\IDM

[2014-02-03 22:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager

[2014-02-03 19:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Call of Duty

[2014-02-03 15:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Conceiva

[2014-02-03 15:30:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Conceiva

[2014-02-03 15:30:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DownloadStudio

[2014-02-03 09:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\JDownloader 0.9

[2014-02-03 08:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network

[2012-02-17 21:27:22 | 002,447,264 | ---- | C] (DownVision ) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\setup.exe

[2011-10-06 08:54:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\user\Dane aplikacji\pcouffin.sys

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]



[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]



[2014-02-25 20:11:07 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2014-02-25 20:11:06 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-448539723-725345543-1004.job

[2014-02-25 20:10:46 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat

[2014-02-25 19:51:58 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\user\Menu Start\Programy\Autostart\top_netinfo.lnk

[2014-02-24 22:28:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2014-02-24 22:18:51 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{186F4F36-81FC-4821-9E1C-8270FB993C2F}.job

[2014-02-24 21:59:53 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2014-02-23 22:13:33 | 000,038,921 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\4476681783.jpeg

[2014-02-23 18:09:46 | 002,296,910 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\AutoRuns.arn

[2014-02-23 08:02:54 | 000,000,339 | -HS- | M] () -- C:\boot.ini

[2014-02-22 23:33:15 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2014-02-22 23:33:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2014-02-21 16:53:22 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Medal of Honor Allied Assault(tm) Breakthrough.lnk

[2014-02-21 16:25:27 | 000,001,408 | ---- | M] () -- C:\WINDOWS\eReg.dat

[2014-02-21 08:09:55 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Skrót do chomikbox.lnk

[2014-02-20 17:16:39 | 013,107,200 | ---- | M] () -- C:\Documents and Settings\user\ntuser.bak

[2014-02-19 11:47:24 | 000,013,888 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ISO1.nri

[2014-02-17 20:01:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2014-02-16 13:54:49 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-448539723-725345543-1004.job

[2014-02-15 15:22:13 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1085031214-448539723-725345543-1004.job

[2014-02-15 15:22:10 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1085031214-448539723-725345543-1004.job

[2014-02-14 09:47:18 | 000,566,006 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2014-02-14 09:47:18 | 000,503,182 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2014-02-14 09:47:18 | 000,111,418 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2014-02-14 09:47:18 | 000,089,088 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2014-02-13 07:37:49 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2014-02-13 07:37:47 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2014-02-12 10:40:48 | 000,179,712 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2014-02-06 04:38:34 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll

[2014-02-06 00:08:32 | 006,021,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2014-02-06 00:08:32 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll

[2014-02-06 00:08:32 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll

[2014-02-06 00:08:32 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll

[2014-02-06 00:08:32 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2014-02-06 00:08:32 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2014-02-06 00:08:32 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll

[2014-02-06 00:08:32 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll

[2014-02-06 00:08:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2014-02-06 00:08:32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll

[2014-02-06 00:08:32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2014-02-06 00:08:31 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2014-02-06 00:08:31 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2014-02-06 00:08:31 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl

[2014-02-06 00:08:31 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2014-02-06 00:08:31 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[2014-02-06 00:08:31 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll

[2014-02-06 00:08:31 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2014-02-06 00:08:31 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll

[2014-02-06 00:08:31 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll

[2014-02-06 00:08:31 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2014-02-06 00:08:31 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll

[2014-02-06 00:08:31 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2014-02-06 00:08:31 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll

[2014-02-06 00:08:31 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2014-02-06 00:08:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll

[2014-02-06 00:08:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2014-02-06 00:08:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll

[2014-02-06 00:08:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll

[2014-02-05 23:29:26 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe

[2014-02-05 23:29:26 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2014-02-05 23:29:19 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec

[2014-02-03 22:49:33 | 000,000,745 | ---- | M] () -- C:\WINDOWS\COD.INI

[2014-02-03 16:02:21 | 000,000,204 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]



[color=#E56717]========== Files Created - No Company Name ==========[/color]



[2014-02-23 22:13:31 | 000,038,921 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\4476681783.jpeg

[2014-02-23 18:05:03 | 002,296,910 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\AutoRuns.arn

[2014-02-22 07:49:30 | 000,001,137 | ---- | C] () -- C:\Documents and Settings\user\Menu Start\Programy\GG.lnk

[2014-02-21 16:53:22 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Medal of Honor Allied Assault(tm) Breakthrough.lnk

[2014-02-21 08:09:55 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Skrót do chomikbox.lnk

[2014-02-19 11:47:23 | 000,013,888 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ISO1.nri

[2014-02-03 22:49:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\COD.INI

[2014-02-02 11:37:25 | 013,107,200 | ---- | C] () -- C:\Documents and Settings\user\ntuser.bak

[2014-01-28 19:42:36 | 034,372,096 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ESET NOD32 Antivirus4.msi

[2014-01-20 12:13:51 | 000,004,156 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\uxxadbmu.rlu

[2014-01-17 17:13:24 | 000,618,984 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2014-01-17 15:56:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\PlayerLiteM.INI

[2014-01-03 19:44:16 | 000,002,408 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013-11-27 08:21:50 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll

[2013-09-16 11:05:21 | 000,000,024 | -HS- | C] () -- C:\Documents and Settings\user\Dane aplikacji\Win4665 Config DB.dlx

[2013-09-16 11:05:21 | 000,000,024 | -HS- | C] () -- C:\Documents and Settings\user\Dane aplikacji\System3192SettingsDB.dat

[2013-09-15 07:29:01 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\mbam.context.scan

[2013-09-14 15:46:49 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\llftool.4.30.agreement

[2013-06-28 11:14:05 | 000,000,030 | ---- | C] () -- C:\WINDOWS\sysstr32.ini

[2013-06-25 21:59:07 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll

[2013-06-25 21:59:07 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll

[2013-05-19 18:16:43 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI

[2013-03-23 19:32:33 | 000,169,070 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat

[2013-01-28 20:47:52 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe

[2012-11-21 11:53:55 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2012-10-28 22:02:03 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2012-10-02 18:06:43 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[2012-09-22 10:33:36 | 000,000,503 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2012-01-01 09:58:16 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\promo.exe

[2011-12-29 07:44:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\{2D836B1E-81F7-4701-9B9D-F037826B7047}

[2011-10-06 09:15:31 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\MPUI.ini

[2011-10-06 08:54:19 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\ezpinst.exe

[2011-10-06 08:54:19 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\pcouffin.cat

[2011-10-06 08:54:19 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\pcouffin.inf

[2010-12-03 10:55:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user\wmic

[2010-01-28 23:48:52 | 000,179,712 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini



[color=#E56717]========== ZeroAccess Check ==========[/color]



[2013-09-14 15:21:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini



[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]



[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 18:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 18:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both



[color=#E56717]========== Alternate Data Streams ==========[/color]



@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\msacm32.drv:SummaryInformation

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DE406C3E

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:890CC2F3

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2



< End of report >

