torson utworzono 19 lipca 2009 utworzono 19 lipca 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:50:09, on 2009-07-19Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\Program Files\Sygate\SPF\smc.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\PSIService.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeC:\WINDOWS\system32\RunDll32.exeC:\Program Files\Lexmark 5200 series\lxbtbmgr.exeC:\Program Files\Ahead\InCD\InCD.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Winamp\winampa.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exeC:\Program Files\Lexmark 5200 series\lxbtbmon.exeC:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssbR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dllO2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initializeO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeO4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWndO4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startguiO4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /autoO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1177010963294O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1177017127639O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exeO23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbtcoms.exeO23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exeO23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exeO23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exeO23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exeO23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe--End of file - 8333 bytes
MarekM25 komentarz 19 lipca 2009 komentarz 19 lipca 2009 hjt to mało daj loga z otl lub RSIT powodem sprawdzania są jakieś problemy czy tylko profilaktyka?
torson komentarz 19 lipca 2009 Autor komentarz 19 lipca 2009 wklejam lod z combo ComboFix 09-07-19.01 - Wlodek 2009-07-19 18:01.1.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.255.99 [GMT 2:00]Uruchomiony z: c:\documents and settings\Wlodek\Pulpit\ComboFix.exeAV: avast! antivirus 4.8.1335 [VPS 090719-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\Installer\59ede.msi.((((((((((((((((((((((((( Pliki utworzone od 2009-06-19 do 2009-07-19 ))))))))))))))))))))))))))))))).2009-07-19 15:28 . 2009-07-19 15:28 49976 ----a-w- C:\cc_20090719_172803k.reg2009-07-19 15:27 . 2009-07-19 15:27 944634 ----a-w- C:\cc_20090719_172653.reg2009-07-19 15:14 . 2009-07-19 15:14 -------- d-----w- c:\program files\CCleaner2009-07-07 23:55 . 2009-07-07 23:55 41808 ----a-w- c:\windows\system32\xfcodec.dll2009-06-26 12:07 . 2009-06-26 12:07 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\GameInvest2009-06-24 15:02 . 2009-06-24 15:02 -------- d-----w- c:\documents and settings\NetworkService\Dane aplikacji\Xfire2009-06-24 14:52 . 2009-07-09 16:15 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\Xfire2009-06-24 14:52 . 2009-07-09 12:04 -------- d-----w- c:\program files\Xfire2009-06-23 09:44 . 2009-06-23 09:44 -------- d-----w- c:\program files\Hospital Hustle.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2060-08-18 17:02 . 2004-08-05 17:12 1496064 -c----w- c:\windows\system32\CC3250MT.DLL2060-08-18 16:40 . 2004-08-05 17:12 909824 -c----w- c:\windows\system32\cp3245mt.dll2060-08-18 16:40 . 2004-08-05 17:12 24064 -c----w- c:\windows\system32\borlndmm.dll2009-07-19 15:31 . 2007-12-05 15:08 169936 ----a-w- c:\documents and settings\Wlodek\Dane aplikacji\Mozilla\Firefox\Profiles\r8l293si.default\FlashGot.exe2009-07-19 15:08 . 2003-10-29 11:16 -------- d-----w- c:\program files\Common Files\Adobe2009-07-19 11:46 . 2009-01-14 12:49 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu2009-07-18 14:30 . 2009-06-13 15:34 -------- d-----w- c:\program files\Nowe Gadu-Gadu2009-07-15 19:48 . 2009-06-15 16:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM2009-07-10 14:47 . 2001-10-30 12:00 79188 ----a-w- c:\windows\system32\perfc015.dat2009-07-10 14:47 . 2001-10-30 12:00 457678 ----a-w- c:\windows\system32\perfh015.dat2009-07-05 10:22 . 2007-06-16 12:11 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\BearShare2009-07-05 09:29 . 2009-03-01 21:12 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\Winamp2009-06-20 10:25 . 2009-04-14 15:59 -------- d-----w- c:\program files\English Translator 32009-06-18 16:19 . 2007-07-19 12:31 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PlayFirst2009-06-18 16:19 . 2007-07-18 11:58 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\PlayFirst2009-06-18 15:56 . 2008-05-09 17:54 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\BESTplayer2009-06-16 14:40 . 2001-10-30 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll2009-06-16 14:40 . 2001-10-30 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll2009-06-15 16:35 . 2009-06-15 16:35 -------- d-----w- c:\documents and settings\Wlodek\Dane aplikacji\OpenFM2009-06-03 19:11 . 2004-03-26 17:46 1294848 ----a-w- c:\windows\system32\quartz.dll2009-05-28 09:23 . 2009-05-28 09:23 42088 ----a-w- c:\documents and settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll2009-05-28 08:34 . 2009-05-28 08:34 11264 ----a-w- c:\documents and settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll2009-05-07 15:34 . 2001-10-30 12:00 347648 ----a-w- c:\windows\system32\localspl.dll2009-04-29 04:47 . 2004-08-23 16:18 827392 ----a-w- c:\windows\system32\wininet.dll2009-04-29 04:47 . 2004-08-04 07:43 78336 ----a-w- c:\windows\system32\ieencode.dll2008-03-02 17:46 . 2008-03-02 17:46 0 -c--a-w- c:\program files\temp012009-04-29 13:09 . 2008-08-28 18:24 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll2008-03-07 12:09 . 2008-03-05 17:50 88 --sh--r- c:\windows\system32\7B712B0690.sys2008-03-07 12:46 . 2008-03-05 17:50 2516 -csha-w- c:\windows\system32\KGyGaAvL.sys.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]2008-04-17 07:44 398776 ----a-w- c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-24 1916928]"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-07-14 10707560][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="NvQTwk" [X]"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-06-21 188416]"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 81920]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]"LXBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll" [2004-03-17 65536]"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-26 98304]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 171520]"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-07-16 372736]"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2002-09-25 87751][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2007-4-19 614400][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="c:\\Program Files\\Ares\\Ares.exe"="c:\\Program Files\\Mozilla Firefox\\firefox.exe"="c:\\Program Files\\NAPI-PROJEKT\\napisy.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"26038:TCP"= 26038:TCP:BitComet 26038 TCP"26038:UDP"= 26038:UDP:BitComet 26038 UDP"8461:TCP"= 8461:TCP:GoD High Port"8462:TCP"= 8462:TCP:GoD Low PortR3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2007-07-15 58288]S1 aswSP;avast! Self Protection; [x]S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560].Zawartość folderu 'Zaplanowane zadania'2003-08-22 c:\windows\Tasks\FRU Task 2002-05-31 16:38ewlett-PackardeskjetD1F5C76C62909B80B7DD96D9CE9D83EC24F74D1377528048C4168AA70B210A5D420.job- c:\program files\Hewlett-Packard\upapp\hpqfruv.exe [2002-05-31 07:38].- - - - USUNIĘTO PUSTE WPISY - - - -HKLM-Run-Cmaudio - cmicnfg.cplHKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe.------- Skan uzupełniający -------.uStart Page = hxxp://www.google.pl/uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uSearchURL,(Default) = hxxp://www.google.com/search?q=%sDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cabFF - ProfilePath - c:\documents and settings\Wlodek\Dane aplikacji\Mozilla\Firefox\Profiles\r8l293si.default\FF - prefs.js: browser.startup.homepage - www.onet.plFF - plugin: c:\documents and settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npjpi160_01.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npOggX.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-07-19 18:15Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsdatant]"ImagePath"="".Czas ukończenia: 2009-07-19 18:26ComboFix-quarantined-files.txt 2009-07-19 16:25Przed: 12 018 503 680 bajtów wolnychPo: 12 006 211 584 bajtów wolnychCurrent=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4141 --- E O F --- 2009-07-15 21:19 celem jest sprawdzenie systemu czy nie ma zagrozenia i co jest powidem dlugiego otwierania sie kompa! z gory dzeiki za pomoc // @MarekM25 prosił Cię o log z OTL ew. RSIT. // Użyłeś ComboFixa WOGÓLE niepotrzebnie. // Jeszcze raz nie poszłuchasz się naszych rad i poleci +20% to kolekcji. // Logi wstawiamy też w tagi . // Poprawiam. // Kamil
Gość komentarz 19 lipca 2009 komentarz 19 lipca 2009 Proszę nie używać ComboFixa jeżeli ktoś Ciebie nie prosi. Instaluj też Konsolkę. 1. Posprzątaj po ComboFixie i różnych narzędziach >>> OTCleanIt. 2. Użyj programu Malwarebytes. Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok. Wrzuć wygenerowany raport po usuwaniu MBAMem. .
torson komentarz 20 lipca 2009 Autor komentarz 20 lipca 2009 OTL logfile created on: 2009-07-20 11:16:20 - Run 1OTL by OldTimer - Version 3.0.9.2 Folder = C:\Documents and Settings\Wlodek\PulpitWindows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 7.0.5730.13)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd255,49 Mb Total Physical Memory | 44,65 Mb Available Physical Memory | 17,48% Memory free1,69 Gb Paging File | 1,39 Gb Available in Paging File | 81,97% Paging File freePaging file location(s): C:\pagefile.sys 1500 1500 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 37,26 Gb Total Space | 17,34 Gb Free Space | 46,53% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: WŁODEKCurrent User Name: WlodekLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2004-09-13 11:49:42 | 01,192,050 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exePRC - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\smc.exePRC - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exePRC - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exePRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2002-07-16 06:16:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exePRC - [2006-11-02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exePRC - [2002-09-25 12:44:18 | 00,087,751 | R--- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exePRC - [2002-06-21 12:32:04 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exePRC - [2009-02-05 23:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exePRC - [2008-02-22 04:25:21 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exePRC - [2007-06-26 19:04:11 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exePRC - [2006-05-16 11:22:58 | 00,614,400 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exePRC - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exePRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exePRC - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exePRC - [2009-04-29 15:10:06 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009-07-20 11:14:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wlodek\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2007-03-20 03:19:14 | 00,263,168 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer [On_Demand | Stopped])SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])SRV - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])SRV - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])SRV - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2004-09-13 11:49:42 | 01,192,050 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])SRV - [2004-02-20 21:10:08 | 00,421,888 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbtcoms.exe -- (lxbt_device [On_Demand | Stopped])SRV - [2005-01-26 15:30:04 | 00,053,337 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])SRV - [2002-07-16 06:16:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])SRV - [2005-01-26 15:25:34 | 00,053,337 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])SRV - [2006-11-02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])SRV - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\smc.exe -- (SmcService [Auto | Running])SRV - [2005-01-26 15:20:14 | 00,069,718 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2009-02-05 23:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running])DRV - [2007-04-19 21:13:07 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])DRV - [2002-09-25 12:44:32 | 01,141,248 | R--- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])DRV - [2009-02-05 23:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])DRV - [2009-02-05 23:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])DRV - [2009-02-05 23:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])DRV - [2009-02-05 23:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running])DRV - [2009-02-05 23:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])DRV - [2003-02-26 05:44:36 | 00,739,983 | ---- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])DRV - [2008-04-13 20:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])DRV - [2004-09-13 11:54:06 | 00,093,440 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])DRV - [2004-09-13 11:54:46 | 00,028,672 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [system | Running])DRV - [2007-07-15 12:38:24 | 00,058,288 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k510bus.sys -- (k510bus [On_Demand | Stopped])DRV - [2001-08-17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])DRV - [2001-08-17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])DRV - [2002-07-16 06:16:00 | 00,981,466 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])DRV - [2001-10-30 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2006-05-04 19:02:58 | 00,380,928 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\RT61.sys -- (RT61 [On_Demand | Running])DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])DRV - [2007-07-03 16:54:24 | 00,080,552 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdbus.sys -- (sscdbus [On_Demand | Stopped])DRV - [2007-07-03 16:57:24 | 00,011,944 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])DRV - [2007-07-03 16:58:20 | 00,106,792 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])DRV - [2007-05-02 11:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Running])DRV - [2007-05-02 11:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Running])DRV - [2007-05-02 11:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Running])DRV - [2009-02-24 23:16:08 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running])DRV - [2004-10-15 18:17:02 | 00,060,496 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys -- (Teefer [boot | Running])DRV - [2002-12-26 22:41:00 | 00,026,880 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1 [boot | Running])DRV - [2001-10-18 06:00:00 | 00,006,144 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaidexp.sys -- (ViaIde [boot | Running])DRV - [2004-10-15 18:32:38 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys -- (wg3n [Auto | Running])DRV - [2004-10-15 18:32:40 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys -- (wg4n [Auto | Running])DRV - [2004-10-15 18:32:42 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys -- (wg5n [Auto | Running])DRV - [2004-10-15 18:32:44 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys -- (wg6n [Auto | Running])DRV - [2004-10-15 18:18:46 | 00,021,075 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys -- (wpsdrvnt [system | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = GoogleIE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8IE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/IE - URLSearchHook: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Reg Error: Key error. File not foundIE - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\S-1-5-21-1465058494-955046455-3802400216-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.startup.homepage: "www.onet.pl"FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.9FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-06-19 17:12:13 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-07-19 17:08:25 | 00,000,000 | ---D | M][2008-08-28 20:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\mozilla\Extensions[2008-08-28 20:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-07-19 19:05:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\mozilla\Firefox\Profiles\r8l293si.default\extensions[2009-05-31 20:03:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\mozilla\Firefox\Profiles\r8l293si.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}[2009-07-19 19:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-04-29 15:10:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2007-06-18 11:11:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[2007-08-06 11:18:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[2008-07-06 13:30:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[2009-04-29 15:09:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-04-29 15:09:57 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2007-03-14 03:43:41 | 00,132,760 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npjpi160_01.dll[2007-04-24 11:36:16 | 01,452,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll[2009-04-29 15:10:13 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2007-12-11 10:07:00 | 00,307,200 | ---- | M] (ESKA) -- C:\Program Files\mozilla firefox\plugins\npOggX.dll[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2006-10-07 05:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll[2009-06-18 17:54:42 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll[2009-06-18 17:54:43 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll[2006-10-07 05:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2009-04-29 15:10:18 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-04-29 15:10:18 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-04-29 15:10:18 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-04-29 15:10:18 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-04-29 15:10:18 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-04-29 15:10:19 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-04-29 15:10:19 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (UrlHelper Class) - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)O3 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O3 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)O4 - HKLM..\Run: [LXBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL (Lexmark International, Inc.)O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)O4 - HKLM..\Run: [smcService] C:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O15 - HKU\S-1-5-21-1465058494-955046455-3802400216-1006\..Trusted Domains: ([]msn in My Computer)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177010963294 (WUWebControl Class)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177017127639 (MUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.92.200.1O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2003-07-07 13:49:34 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[4 C:\WINDOWS\*.tmp files][1 C:\Documents and Settings\Wlodek\Pulpit\*.tmp files][2009-07-20 11:14:29 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wlodek\Pulpit\OTL.exe[2009-07-20 11:10:58 | 00,181,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wlodek\Pulpit\OTC.exe[2009-07-19 22:45:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Wlodek\Pulpit\nnnnnn[2009-07-19 22:16:21 | 01,613,354 | ---- | C] () -- C:\Documents and Settings\Wlodek\Pulpit\ewa farna - cicho.mp3[2009-07-19 19:41:14 | 00,149,482 | ---- | C] () -- C:\cc_20090719_194107l.reg[2009-07-19 19:34:56 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker[2009-07-19 18:51:35 | 00,000,000 | -HSD | C] -- C:\RECYCLER[2009-07-19 18:24:25 | 02,190,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe[2009-07-19 18:24:25 | 02,067,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe[2009-07-19 18:24:25 | 01,571,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll[2009-07-19 18:24:25 | 01,035,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe[2009-07-19 18:24:25 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll[2009-07-19 18:24:25 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll[2009-07-19 18:24:25 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll[2009-07-19 18:24:25 | 00,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll[2009-07-19 18:24:25 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll[2009-07-19 18:24:25 | 00,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll[2009-07-19 18:24:25 | 00,510,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe[2009-07-19 18:24:25 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll[2009-07-19 18:24:25 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll[2009-07-19 18:24:25 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys[2009-07-19 18:24:25 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll[2009-07-19 18:24:25 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys[2009-07-19 18:24:25 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\aec.sys[2009-07-19 18:24:25 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe[2009-07-19 18:24:25 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll[2009-07-19 18:24:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rasauto.dll[2009-07-19 18:24:25 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll[2009-07-19 18:24:25 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe[2009-07-19 18:24:25 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe[2009-07-19 18:24:25 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys[2009-07-19 18:24:25 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll[2009-07-19 18:24:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe[2009-07-19 18:24:25 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys[2009-07-19 18:24:25 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll[2009-07-19 18:24:25 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll[2009-07-19 18:24:25 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe[2009-07-19 18:24:25 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe[2009-07-19 18:24:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe[2009-07-19 18:24:25 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys[2009-07-19 18:24:25 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll[2009-07-19 18:24:25 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys[2009-07-19 18:24:25 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys[2009-07-19 18:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache[2009-07-19 17:49:40 | 00,000,000 | ---D | C] -- C:\Program Files\HijackThis[2009-07-19 17:47:58 | 00,219,648 | ---- | C] () -- C:\WINDOWS\PEV.exe[2009-07-19 17:47:58 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2009-07-19 17:47:58 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2009-07-19 17:47:58 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2009-07-19 17:47:58 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2009-07-19 17:47:58 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2009-07-19 17:47:58 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2009-07-19 17:47:58 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2009-07-19 17:47:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2009-07-19 17:47:28 | 00,000,000 | ---D | C] -- C:\Qoobox[2009-07-19 17:40:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss[2009-07-19 17:38:17 | 03,146,421 | R--- | C] () -- C:\Documents and Settings\Wlodek\Pulpit\ComboFix.exe[2009-07-19 17:28:08 | 00,049,976 | ---- | C] () -- C:\cc_20090719_172803k.reg[2009-07-19 17:27:10 | 00,944,634 | ---- | C] () -- C:\cc_20090719_172653.reg[2009-07-19 17:14:03 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner[2009-07-19 17:08:26 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk[2009-07-19 17:06:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe[2009-07-08 01:55:12 | 00,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll[2009-06-26 14:07:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Wlodek\Dane aplikacji\GameInvest[2009-06-24 16:52:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Xfire[2009-06-24 16:52:22 | 00,000,000 | ---D | C] -- C:\Program Files\Xfire[2009-06-20 19:58:01 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for[2009-06-20 19:58:00 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn[2009-05-01 21:32:49 | 00,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini[2008-08-13 10:53:37 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\Days5.ini[2008-07-20 14:15:09 | 00,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI[2008-07-08 22:04:22 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys[2008-03-05 19:50:46 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\7B712B0690.sys[2008-03-05 19:50:45 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys[2008-01-20 02:39:58 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2007-09-01 15:00:20 | 00,001,363 | ---- | C] () -- C:\WINDOWS\DigbysDonuts.ini[2007-08-14 18:40:46 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll[2007-08-14 18:40:42 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll[2007-08-14 18:40:25 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll[2007-08-14 18:40:21 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll[2007-08-14 18:39:44 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll[2007-08-14 18:38:58 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2007-04-19 21:12:47 | 00,295,028 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll[2007-03-13 20:25:31 | 00,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini[2006-04-16 10:53:06 | 00,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini[2006-04-16 10:50:33 | 00,000,016 | ---- | C] () -- C:\WINDOWS\compedia.ini[2006-01-20 17:37:01 | 00,000,016 | ---- | C] () -- C:\WINDOWS\zone2.INI[2005-08-17 12:12:20 | 00,000,142 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI[2005-08-12 11:16:52 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2005-08-11 18:31:09 | 00,000,784 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2005-07-04 19:53:12 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll[2005-07-04 19:53:12 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll[2005-07-04 19:53:12 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll[2005-05-16 19:36:37 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL[2005-05-16 19:36:37 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL[2005-05-16 19:30:55 | 00,139,264 | R--- | C] () -- C:\WINDOWS\System32\lxbtcoin.dll[2005-05-16 19:30:55 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\lxbtsnls.dll[2005-05-16 19:30:54 | 00,001,832 | R--- | C] () -- C:\WINDOWS\System32\lxbtprod.ini[2004-11-12 20:18:13 | 01,892,352 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll[2004-11-12 20:18:13 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll[2004-11-12 20:16:57 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll[2004-11-12 18:33:39 | 00,000,117 | ---- | C] () -- C:\WINDOWS\solsphdx.ini[2004-11-12 18:32:26 | 00,000,020 | ---- | C] () -- C:\WINDOWS\solsphedit.ini[2004-11-12 18:30:24 | 00,000,101 | ---- | C] () -- C:\WINDOWS\orbitz.ini[2004-11-12 18:30:21 | 00,000,044 | ---- | C] () -- C:\WINDOWS\undomove.ini[2004-11-12 18:16:55 | 00,000,012 | ---- | C] () -- C:\WINDOWS\kulkissave.INI[2004-11-12 18:12:14 | 00,000,035 | ---- | C] () -- C:\WINDOWS\madlocnoidscore.INI[2004-11-12 17:17:23 | 00,000,476 | ---- | C] () -- C:\WINDOWS\cncscore.ini[2004-10-27 19:17:21 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll[2004-10-15 18:31:56 | 00,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll[2004-10-08 18:12:56 | 00,151,056 | ---- | C] () -- C:\WINDOWS\System32\IR32.DLL[2004-10-08 18:12:56 | 00,050,016 | ---- | C] () -- C:\WINDOWS\System32\IYVU9.DLL[2004-10-08 18:12:55 | 00,077,664 | ---- | C] () -- C:\WINDOWS\System32\IR21.DLL[2004-10-08 18:12:55 | 00,018,384 | ---- | C] () -- C:\WINDOWS\System32\DCISVGA.DRV[2004-08-19 19:56:37 | 00,000,782 | ---- | C] () -- C:\WINDOWS\Rollemup.ini[2004-08-19 19:18:00 | 00,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini[2004-08-19 19:17:57 | 00,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll[2004-08-19 19:16:01 | 00,000,236 | ---- | C] () -- C:\WINDOWS\SIERRA.INI[2004-08-05 19:12:30 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll[2004-06-02 16:18:33 | 00,000,188 | ---- | C] () -- C:\WINDOWS\disneysy.ini[2004-03-20 18:06:57 | 00,000,423 | ---- | C] () -- C:\WINDOWS\disney.ini[2004-03-13 16:21:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll[2004-03-10 12:02:14 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\lxbthwdf.dll[2004-01-16 19:06:48 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI[2003-07-21 18:18:20 | 00,000,254 | ---- | C] () -- C:\WINDOWS\SloOrtEx.ini[2003-07-21 17:47:17 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL[2003-07-21 17:15:18 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll[2003-07-08 19:07:38 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini[2003-07-07 14:25:41 | 00,005,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\Vichw00.sys[2003-07-07 14:16:03 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI[2003-07-07 14:16:02 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI[2003-07-07 14:16:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini[2003-06-23 18:06:02 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbtvs.dll[2001-10-30 14:00:00 | 00,001,125 | ---- | C] () -- C:\WINDOWS\win.ini[2001-10-30 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini[2001-10-24 16:00:40 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll[2000-10-31 19:00:00 | 00,132,096 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll[2000-10-31 19:00:00 | 00,117,760 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll========== Files - Modified Within 30 Days ==========[2 C:\WINDOWS\System32\*.tmp files][4 C:\WINDOWS\*.tmp files][1 C:\Documents and Settings\Wlodek\Pulpit\*.tmp files][2009-10-06 19:45:31 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT[2009-07-20 11:14:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wlodek\Pulpit\OTL.exe[2009-07-20 11:11:00 | 00,181,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wlodek\Pulpit\OTC.exe[2009-07-20 11:02:08 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-07-20 11:01:46 | 00,000,211 | RHS- | M] () -- C:\boot.ini[2009-07-20 11:01:44 | 00,001,125 | ---- | M] () -- C:\WINDOWS\win.ini[2009-07-20 11:01:44 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2009-07-20 10:58:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-07-20 10:58:29 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-07-19 22:16:50 | 01,613,354 | ---- | M] () -- C:\Documents and Settings\Wlodek\Pulpit\ewa farna - cicho.mp3[2009-07-19 21:28:17 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk[2009-07-19 21:05:38 | 00,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-07-19 19:58:57 | 00,149,482 | ---- | M] () -- C:\cc_20090719_194107l.reg[2009-07-19 18:31:37 | 00,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2009-07-19 17:39:12 | 03,146,421 | R--- | M] () -- C:\Documents and Settings\Wlodek\Pulpit\ComboFix.exe[2009-07-19 17:28:57 | 00,049,976 | ---- | M] () -- C:\cc_20090719_172803k.reg[2009-07-19 17:27:37 | 00,944,634 | ---- | M] () -- C:\cc_20090719_172653.reg[2009-07-19 15:18:08 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt[2009-07-19 14:02:15 | 00,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini[2009-07-13 05:48:54 | 00,219,648 | ---- | M] () -- C:\WINDOWS\PEV.exe[2009-07-10 16:47:21 | 01,012,492 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009-07-10 16:47:21 | 00,457,678 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2009-07-10 16:47:21 | 00,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2009-07-10 16:47:21 | 00,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2009-07-10 16:47:21 | 00,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2009-07-09 22:51:27 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn[2009-07-09 14:20:35 | 00,000,049 | ---- | M] () -- C:\WINDOWS\iltwain.ini[2009-07-08 01:55:12 | 00,041,808 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll[2009-07-07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe[2009-06-20 19:58:01 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for========== LOP Check ==========[2009-07-20 10:31:24 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2005-08-11 18:41:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead[2007-07-17 21:05:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Aliasworlds[2008-05-02 20:15:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo[2008-03-05 20:12:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Corel[2005-08-11 18:46:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink[2008-09-27 18:57:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink[2008-06-20 16:42:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eGames[2005-05-16 19:36:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FaxCtr[2007-08-14 11:45:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Friday's games[2007-11-17 14:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fugazo[2008-08-06 13:40:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Go Go Gourmet[2008-03-08 15:18:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gogii[2009-04-09 18:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iWin[2003-07-22 21:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSN6[2007-08-11 13:57:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Oberon Games[2009-07-15 21:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM[2009-06-18 18:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PlayFirst[2008-11-01 19:23:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sandlot Games[2007-08-13 14:43:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia[2008-08-07 12:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Valusoft[2007-09-16 16:47:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zylom[2003-07-07 14:39:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2003-07-07 13:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-06-24 17:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2009-06-24 17:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire[2009-07-19 16:50:14 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji[2006-11-18 19:30:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Ahead[2008-05-02 20:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Ashampoo[2008-12-29 21:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Audacity[2009-07-05 12:22:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\BearShare[2009-06-18 17:56:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\BESTplayer[2005-04-29 19:41:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Chromeflower[2004-11-12 17:27:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Clonk[2008-03-07 14:41:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Corel[2005-04-29 19:41:19 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\CrystalSpace[2005-08-11 19:53:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\CyberLink[2007-08-15 14:30:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\EA[2008-06-20 16:41:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\eGames[2008-08-25 16:31:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\FaxCtr[2007-04-22 13:14:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Gadu-Gadu[2008-08-22 11:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Gaijin Ent[2009-06-26 14:07:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\GameInvest[2008-10-24 21:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Gamelab[2009-04-30 20:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\gtk-2.0[2008-02-01 20:10:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Home Sweet Home[2008-08-29 11:11:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\ITTNord[2009-04-09 18:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\iWin[2007-10-02 00:09:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Jane s Hotel[2007-11-17 13:55:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\MaggieTheGardener[2008-05-21 19:50:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Miranda[2003-07-22 21:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\MSN6[2007-08-13 18:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\My Games[2009-07-19 13:46:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Nowe Gadu-Gadu[2007-04-25 15:34:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\OfficeUpdate12[2007-12-26 15:13:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Ohana Games[2009-06-15 18:35:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\OpenFM[2009-06-18 18:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\PlayFirst[2009-02-17 15:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Pogo Games[2008-07-08 22:15:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Samsung[2007-11-15 19:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Tlen.pl[2008-08-07 12:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Valusoft[2009-07-09 18:15:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wlodek\Dane aplikacji\Xfire[2001-10-30 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2003-08-22 19:08:09 | 00,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#Deskjet#3420.job[2009-07-20 10:58:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT========== Purity Check ==========< End of report > sory za to ze was nie posluchalem za pierwszym razem! teraz stosuje sie do waszych rad! najpierw log z otl...jesli mozecie to prosze sprawdzcie...
torson komentarz 20 lipca 2009 Autor komentarz 20 lipca 2009 Malwarebytes' Anti-Malware 1.39Wersja bazy definicji: 2465Windows 5.1.2600 Dodatek Service Pack 32009-07-20 15:45:36mbam-log-2009-07-20 (15-45-36).txtTyp skanowania: Pełne skanowanie (C:\|)Przeskanowane obiekty: 187121Upłynęło: 1 hour(s), 17 minute(s), 50 second(s)Zainfekowane procesy w pamięci: 0Zainfekowane moduły pamięci: 0Zainfekowane klucze rejestru: 0Zainfekowane wartości rejestru: 0Zainfekowane pliki rejestru: 0Zainfekowane foldery: 0Zainfekowane pliki: 0Zainfekowane procesy w pamięci:(Nie wykryto groźnych plików)Zainfekowane moduły pamięci:(Nie wykryto groźnych plików)Zainfekowane klucze rejestru:(Nie wykryto groźnych plików)Zainfekowane wartości rejestru:(Nie wykryto groźnych plików)Zainfekowane pliki rejestru:(Nie wykryto groźnych plików)Zainfekowane foldery:(Nie wykryto groźnych plików)Zainfekowane pliki:(Nie wykryto groźnych plików) a i mam pytanie czy moge swobodnie usunac pliki ktore pojawily mi sie po otcleanit..?
MarekM25 komentarz 20 lipca 2009 komentarz 20 lipca 2009 Jest czysto jakie pliki Ci się pojawiły po otcleanit?
torson komentarz 20 lipca 2009 Autor komentarz 20 lipca 2009 na pulpicie wyskoczyly mi jakies pliki ukryte...
Gość komentarz 20 lipca 2009 komentarz 20 lipca 2009 Jeżeli chcesz wyłączyć "Ukryte pliki" to: Mój Komputer>>>Zakładka "Nardzędzia">>>Opcje folderów>>>Zakładka "Widok">>>Zahaczykuj tak jak tutaj na Screenie: No i po ,,Zahaczykowaniu" tych dwóch linijek naciskasz "Zastosuj">>>"OK". .
MarekM25 komentarz 20 lipca 2009 komentarz 20 lipca 2009 (edytowane) Jakie nazwy? Jeżeli ich nie chcesz widzieć to po prostu wejdź w Mój Komputer->Narzędzia->Opcję Folderów-> Zaznacz nie pokazuj ukrytych plików sory kamil pierwszy napisał posta
torson komentarz 20 lipca 2009 Autor komentarz 20 lipca 2009 dzieki...a co moge zrobic zeby komp mi szybciej chodzil i sie zalaczal...
MarekM25 komentarz 20 lipca 2009 komentarz 20 lipca 2009 Posprzątaj na nim: Usuń zbędne programy, przeczyść rejestr, wywal zbędniki z autostartu itp
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.