x-kom hosting

Prawdopodobienstwo keyloggera

xav
utworzono
utworzono

Zaczne od poczatku. Gram w WoWa (tak, mozecie mnie nazwac nerdem :D), jednak kiedy w niedziele chcialem sie zalogowac okazalo, ze konto zostalo shackowane. Prawdopodonie poprzez keylogger. Pierwsza rzecza jaka wpadla mi do glowy bylo przeskanowanie komputera kilkoma programami antyspyware (Search&Destroy, Spy Doctor, Malwarebytes Anti-Malware, Ad-Aware), ktore prawdopodobnie go usunely. Prosze o sprawdzenie logow poniewaz chce byc absolutnie pewny, ze nie mam tego swinstwa na kompie (korzystam z e-bankingu, a nie chce stracic pieniedzy).

Log z OTL

OTL logfile created on: 2009-07-21 16:03:19 - Run 2OTL by OldTimer - Version 3.0.9.2	 Folder = C:\Documents and Settings\Damian\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,19% Memory free3,84 Gb Paging File | 3,21 Gb Available in Paging File | 83,50% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 29,79 Gb Total Space | 11,53 Gb Free Space | 38,71% Space Free | Partition Type: NTFSDrive D: | 134,09 Gb Total Space | 9,02 Gb Free Space | 6,72% Space Free | Partition Type: NTFSDrive E: | 134,21 Gb Total Space | 3,73 Gb Free Space | 2,78% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: SPRZECIORCurrent User Name: DamianLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2006-07-13 08:12:26 | 00,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exePRC - [2007-01-05 11:39:46 | 00,597,504 | R--- | M] () -- C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exePRC - [2006-10-27 01:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exePRC - [2009-02-26 19:56:48 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2006-12-18 15:34:36 | 00,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exePRC - [2008-08-06 12:16:42 | 00,159,744 | ---- | M] (Linksys LLC - A Division of Cisco Systems) -- C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exePRC - [2008-05-16 07:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exePRC - [2008-12-08 13:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exePRC - [2009-02-26 19:56:48 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2008-06-26 14:52:42 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exePRC - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exePRC - [2009-02-26 19:56:48 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exePRC - [2009-01-07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exePRC - [2009-01-21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exePRC - [2008-05-16 07:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exePRC - [2009-03-14 09:46:02 | 00,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exePRC - [2009-07-21 15:45:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Damian\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2009-07-03 15:56:14 | 00,303,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP [Auto | Running])SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])SRV - [2009-02-26 19:56:48 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2008-06-26 14:52:42 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater [Auto | Running])SRV - [2006-10-27 01:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2008-05-16 07:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running])SRV - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])SRV - [2006-10-26 20:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2009-04-24 18:20:01 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Stopped])SRV - [2009-05-01 16:33:23 | 00,189,784 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Stopped])SRV - [2009-01-07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])SRV - [2009-01-21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2007-01-16 03:09:06 | 00,293,888 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])DRV - [2007-02-07 17:50:32 | 00,118,552 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw [On_Demand | Stopped])DRV - [2006-08-07 00:57:30 | 00,093,952 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudio [On_Demand | Running])DRV - [2006-10-18 21:12:16 | 00,012,664 | R--- | M] () -- C:\WINDOWS\System32\drivers\AsIO.sys -- (AsIO [system | Running])DRV - [2009-01-27 12:09:39 | 00,271,360 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])DRV - [2007-02-07 17:50:14 | 00,056,088 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ELOADER [Auto | Stopped])DRV - [2009-03-16 19:41:55 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])DRV - [2006-02-07 13:52:58 | 00,006,912 | R--- | M] (JMicron ) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO [boot | Running])DRV - [2006-10-30 05:31:58 | 00,043,648 | R--- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID [boot | Running])DRV - [2009-06-15 14:01:00 | 00,128,016 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])DRV - [2008-12-15 20:41:32 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running])DRV - [2009-07-21 15:27:35 | 00,296,976 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF [system | Running])DRV - [2009-05-13 17:46:52 | 00,031,760 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])DRV - [2009-05-16 20:59:44 | 00,019,472 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klmouflt.sys -- (klmouflt [On_Demand | Running])DRV - [2009-01-27 12:09:39 | 00,018,048 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])DRV - [2009-01-15 09:19:00 | 06,301,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])DRV - [2009-04-03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore [boot | Running])DRV - [2008-05-16 07:10:32 | 00,023,992 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\System32\DRIVERS\pnarp.sys -- (pnarp [Auto | Running])DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2008-05-16 07:10:30 | 00,025,272 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\System32\DRIVERS\purendis.sys -- (purendis [Auto | Running])DRV - [2008-11-20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2006-07-27 03:49:10 | 00,083,712 | R--- | M] (Realtek Semiconductor Corporation						   ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2006-03-17 11:18:58 | 00,392,960 | R--- | M] (Sensaura) -- C:\WINDOWS\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running])DRV - [2009-02-01 12:15:30 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])DRV - [2007-05-02 12:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])DRV - [2007-05-02 12:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])DRV - [2007-05-02 12:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])DRV - [2006-07-24 17:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running])DRV - [2008-02-01 15:00:00 | 00,012,672 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\System32\DRIVERS\lgusbbus.sys -- (usbbus [On_Demand | Stopped])DRV - [2008-02-01 15:00:00 | 00,021,760 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-73586283-1580436667-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-73586283-1580436667-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-73586283-1580436667-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhomeIE - HKU\S-1-5-21-73586283-1580436667-839522115-1003\S-1-5-21-73586283-1580436667-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.0FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2FF - prefs.js..extensions.enabledItems: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374}:3.5.5FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - prefs.js..network.proxy.type: 2FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-02-26 19:56:49 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-06-14 19:30:47 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-06-14 19:30:45 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-07-21 15:29:02 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\pluginsFF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla ThunderbirdFF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-07-21 15:28:30 | 00,000,000 | ---D | M][2009-03-05 22:08:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Extensions[2009-03-05 22:08:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-07-21 14:51:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Firefox\Profiles\b5obvgbb.default\extensions[2009-05-28 15:13:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Firefox\Profiles\b5obvgbb.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}[2009-05-28 15:13:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Firefox\Profiles\b5obvgbb.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}[2009-05-28 15:13:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Firefox\Profiles\b5obvgbb.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}[2009-06-21 21:11:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\mozilla\Firefox\Profiles\b5obvgbb.default\extensions\anycolor.pavlos256@gmail.com[2009-07-21 15:29:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-06-14 19:30:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-07-21 15:29:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru[2009-06-14 19:30:42 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-14 19:30:42 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll[2009-06-14 19:30:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll[2009-05-02 19:13:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll[2009-05-16 09:15:43 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-05-16 09:15:43 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-05-16 09:15:43 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-05-16 09:15:43 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-05-16 09:15:43 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-05-16 09:15:43 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-05-16 09:15:43 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (317633 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1	   localhostO1 - Hosts: 127.0.0.1	www.007guard.comO1 - Hosts: 127.0.0.1	007guard.comO1 - Hosts: 127.0.0.1	008i.comO1 - Hosts: 127.0.0.1	www.008k.comO1 - Hosts: 127.0.0.1	008k.comO1 - Hosts: 127.0.0.1	www.00hq.comO1 - Hosts: 127.0.0.1	00hq.comO1 - Hosts: 127.0.0.1	010402.comO1 - Hosts: 127.0.0.1	www.032439.comO1 - Hosts: 127.0.0.1	032439.comO1 - Hosts: 127.0.0.1	www.0scan.comO1 - Hosts: 127.0.0.1	0scan.comO1 - Hosts: 127.0.0.1	www.1000gratisproben.comO1 - Hosts: 127.0.0.1	1000gratisproben.comO1 - Hosts: 127.0.0.1	www.1001namen.comO1 - Hosts: 127.0.0.1	1001namen.comO1 - Hosts: 127.0.0.1	100888290cs.comO1 - Hosts: 127.0.0.1	www.100888290cs.comO1 - Hosts: 127.0.0.1	100sexlinks.comO1 - Hosts: 127.0.0.1	www.100sexlinks.comO1 - Hosts: 127.0.0.1	10sek.comO1 - Hosts: 127.0.0.1	www.10sek.comO1 - Hosts: 127.0.0.1	www.1-2005-search.comO1 - Hosts: 127.0.0.1	1-2005-search.comO1 - Hosts: 10896 more lines...O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not foundO3 - HKU\S-1-5-21-73586283-1580436667-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not foundO4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe ()O4 - HKLM..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe ()O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe ()O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)O4 - HKLM..\Run: [Digital Patrol Update 5] C:\Program Files\NictaTech Software\Digital Patrol 5\dpatrolu.exe File not foundO4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidSetup.exe (JMicron Technology Corp.)O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()O4 - HKLM..\Run: [LELA] C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe (Linksys LLC - A Division of Cisco Systems)O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()O4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)O4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe File not foundO4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe ()O4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe File not foundO4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [HEXelon MAX] C:\Program Files\HEXelon MAX 6\hexelon.exe (Jerzy Znamirowski)O4 - HKU\S-1-5-21-73586283-1580436667-839522115-1003..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-73586283-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O8 - Extra context menu item: ÓñČĚŘľ«ÁéĎÂÔŘ(&B) - Reg Error: Value error. File not foundO8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm File not foundO9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.O15 - HKU\.DEFAULT\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.O15 - HKU\S-1-5-18\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.O15 - HKU\S-1-5-21-73586283-1580436667-839522115-1003\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab (Battlefield Heroes Updater)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd.dll (Kaspersky Lab)O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-01-26 21:13:19 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck) -  File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) -  File not found========== Files/Folders - Created Within 30 Days ==========[2009-07-21 15:56:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\EurekaLog[2009-07-21 15:45:03 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Damian\Pulpit\OTL.exe[2009-07-21 15:30:02 | 00,604,140 | -HS- | C] () -- C:\WINDOWS\System32\drivers\ISwift3.dat[2009-07-21 15:28:54 | 00,105,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat[2009-07-21 15:28:54 | 00,094,643 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat[2009-07-21 15:27:54 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab[2009-07-21 15:27:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab[2009-07-21 15:27:35 | 00,296,976 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys[2009-07-21 15:18:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Pulpit\Kaspersky.Internet.Security.2010.9.0.0.463[2009-07-21 15:03:01 | 64,429,122 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Kaspersky.Internet.Security.2010.9.0.0.463.rar[2009-07-21 10:22:42 | 06,571,484 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\xp.rar[2009-07-20 23:42:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Digital Patrol[2009-07-20 23:35:29 | 10,935,808 | ---- | C] (NictaTech Software										  ) -- C:\Documents and Settings\Damian\Pulpit\dp.5.2.18.setup.exe[2009-07-20 23:28:05 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job[2009-07-20 23:24:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft[2009-07-20 23:13:02 | 60,857,536 | ---- | C] (Lavasoft																																																																									) -- C:\Documents and Settings\Damian\Pulpit\Ad-AwareAE807_[www.programosy.pl].exe[2009-07-20 13:11:31 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\HijackThis.lnk[2009-07-20 13:11:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2009-07-20 13:10:43 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Damian\Pulpit\HJTInstall.exe[2009-07-19 23:49:25 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys[2009-07-19 23:49:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-07-19 23:49:18 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys[2009-07-19 23:49:18 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys[2009-07-19 23:49:14 | 00,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk[2009-07-19 23:49:12 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys[2009-07-19 23:49:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools[2009-07-19 23:49:02 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor[2009-07-19 23:49:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\PC Tools[2009-07-19 23:49:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools[2009-07-19 23:44:12 | 23,975,456 | ---- | C] (PC Tools													) -- C:\Documents and Settings\Damian\Pulpit\sdstart.exe[2009-07-19 23:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\Malwarebytes[2009-07-19 23:29:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes[2009-07-19 23:25:21 | 03,775,176 | ---- | C] (Malwarebytes Corporation									) -- C:\Documents and Settings\Damian\Pulpit\mbam-setup.exe[2009-07-19 23:25:05 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy[2009-07-19 23:25:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy[2009-07-19 23:19:35 | 16,409,960 | ---- | C] (Safer Networking Limited									) -- C:\Documents and Settings\Damian\Pulpit\spybotsd162.exe[2009-07-19 23:19:00 | 01,684,616 | ---- | C] (Uniblue Systems																																																																							 ) -- C:\Documents and Settings\Damian\Pulpit\registrybooster.exe[2009-07-19 20:55:34 | 00,000,000 | ---D | C] -- C:\Program Files\Google[2009-07-19 19:17:46 | 00,000,772 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\AQQ.lnk[2009-07-19 19:17:40 | 00,000,000 | ---D | C] -- C:\Program Files\WapSter[2009-07-19 19:16:10 | 06,297,716 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\AQQ_PD_20550.exe[2009-07-16 17:53:31 | 31,046,7037 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\WoW-3.1.3-to-3.2.0-enGB-Win-patch_Part1.zip[2009-07-13 20:29:31 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Damian\Pulpit\Dok1.doc[2009-07-08 14:31:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\ESET[2009-07-08 14:06:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Dane aplikacji\ESET[2009-07-04 17:12:15 | 00,000,555 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk[2009-07-03 15:48:56 | 00,219,664 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\klogon.dll[2009-07-03 15:45:12 | 00,027,507 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat[2009-06-28 10:47:15 | 00,001,538 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Curse Client.lnk[2009-06-28 10:47:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\CurseClient[2009-06-28 10:47:11 | 00,000,000 | ---D | C] -- C:\Program Files\Curse[2009-05-16 20:14:00 | 00,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI[2009-04-22 00:19:06 | 00,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2009-04-05 10:17:00 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2009-03-25 15:28:22 | 00,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys[2009-03-25 15:28:22 | 00,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys[2009-03-25 15:22:44 | 00,014,682 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2009-03-22 20:18:45 | 00,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini[2009-03-22 20:18:45 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini[2009-03-22 20:18:38 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll[2009-03-22 20:18:37 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL[2009-03-08 17:17:42 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys[2009-03-05 21:09:03 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2009-03-05 21:09:02 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-03-05 21:09:02 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2009-03-05 21:09:01 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2009-02-12 14:28:34 | 00,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI[2009-02-05 20:55:43 | 00,138,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys[2009-02-05 20:55:21 | 00,000,305 | ---- | C] () -- C:\WINDOWS\game.ini[2009-02-02 23:54:45 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll[2009-02-02 23:54:45 | 00,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys[2009-02-02 21:22:10 | 00,005,288 | ---- | C] () -- C:\WINDOWS\hpdj3600.ini[2009-02-01 12:15:30 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-01-27 12:09:39 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys[2009-01-27 12:09:39 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys[2009-01-26 22:21:52 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2009-01-26 22:21:52 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest[2009-01-26 21:30:33 | 00,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini[2009-01-26 21:18:27 | 00,015,010 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini[2009-01-26 21:18:01 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys[2009-01-26 21:17:46 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2009-01-15 09:19:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2009-01-15 09:19:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2009-01-15 09:19:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2009-01-15 09:19:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll[2002-10-03 14:42:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini[2001-07-21 22:16:20 | 00,000,618 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-21 22:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini========== Files - Modified Within 30 Days ==========[5 C:\WINDOWS\System32\*.tmp files][4 C:\WINDOWS\*.tmp files][1 C:\Documents and Settings\Damian\Moje dokumenty\*.tmp files][2009-07-21 15:57:10 | 00,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{263C032E-50AD-4122-B838-927203621CA1}.job[2009-07-21 15:56:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-07-21 15:55:11 | 00,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2009-07-21 15:55:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-07-21 15:54:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-07-21 15:45:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Damian\Pulpit\OTL.exe[2009-07-21 15:30:02 | 00,604,140 | -HS- | M] () -- C:\WINDOWS\System32\drivers\ISwift3.dat[2009-07-21 15:28:54 | 00,105,395 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat[2009-07-21 15:28:54 | 00,094,643 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat[2009-07-21 15:27:35 | 00,296,976 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys[2009-07-21 15:14:23 | 64,429,122 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Kaspersky.Internet.Security.2010.9.0.0.463.rar[2009-07-21 10:42:08 | 00,042,496 | ---- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-07-21 10:23:45 | 06,571,484 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\xp.rar[2009-07-20 23:40:24 | 10,935,808 | ---- | M] (NictaTech Software										  ) -- C:\Documents and Settings\Damian\Pulpit\dp.5.2.18.setup.exe[2009-07-20 23:28:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job[2009-07-20 23:22:22 | 60,857,536 | ---- | M] (Lavasoft																																																																									) -- C:\Documents and Settings\Damian\Pulpit\Ad-AwareAE807_[www.programosy.pl].exe[2009-07-20 20:18:37 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2009-07-20 13:11:32 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\HijackThis.lnk[2009-07-20 13:11:07 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Damian\Pulpit\HJTInstall.exe[2009-07-19 23:49:14 | 00,001,655 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk[2009-07-19 23:48:17 | 23,975,456 | ---- | M] (PC Tools													) -- C:\Documents and Settings\Damian\Pulpit\sdstart.exe[2009-07-19 23:33:09 | 00,317,633 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2009-07-19 23:26:10 | 03,775,176 | ---- | M] (Malwarebytes Corporation									) -- C:\Documents and Settings\Damian\Pulpit\mbam-setup.exe[2009-07-19 23:22:09 | 16,409,960 | ---- | M] (Safer Networking Limited									) -- C:\Documents and Settings\Damian\Pulpit\spybotsd162.exe[2009-07-19 23:19:27 | 01,684,616 | ---- | M] (Uniblue Systems																																																																							 ) -- C:\Documents and Settings\Damian\Pulpit\registrybooster.exe[2009-07-19 21:26:05 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-07-19 19:17:46 | 00,000,772 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\AQQ.lnk[2009-07-19 19:17:14 | 06,297,716 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\AQQ_PD_20550.exe[2009-07-16 18:36:11 | 31,046,7037 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\WoW-3.1.3-to-3.2.0-enGB-Win-patch_Part1.zip[2009-07-15 15:53:25 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2009-07-13 20:29:22 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Damian\Pulpit\Dok1.doc[2009-07-13 19:57:09 | 02,106,682 | -H-- | M] () -- C:\Documents and Settings\Damian\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-07-11 20:29:38 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf[2009-07-09 23:26:01 | 00,000,618 | ---- | M] () -- C:\WINDOWS\win.ini[2009-07-07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe[2009-07-04 19:56:17 | 00,000,083 | ---- | M] () -- C:\WINDOWS\wa.INI[2009-07-04 19:20:40 | 00,000,555 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk[2009-07-03 15:48:56 | 00,219,664 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\klogon.dll[2009-07-03 15:45:12 | 00,027,507 | ---- | M] () -- C:\WINDOWS\System32\drivers\klopp.dat[2009-07-02 10:52:58 | 04,194,322 | ---- | M] () -- C:\memory_map.tga[2009-06-30 19:23:10 | 00,000,437 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics[2009-06-29 08:58:58 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2009-06-28 10:47:15 | 00,001,538 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Curse Client.lnk========== LOP Check ==========[2009-07-21 15:52:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-04-05 19:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy[2009-02-01 12:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard[2009-02-01 12:17:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-07-08 14:05:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET[2009-04-24 18:14:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software[2009-03-22 19:58:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pure Networks[2009-02-20 18:16:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive[2009-07-21 15:56:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-04-12 10:50:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft[2009-07-21 15:56:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Damian\Dane aplikacji[2009-02-02 15:47:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\BitSpirit[2009-02-01 12:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\DAEMON Tools[2009-02-01 12:21:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\DAEMON Tools Lite[2009-02-01 12:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\DAEMON Tools Pro[2009-07-21 14:57:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Digital Patrol[2009-07-08 14:06:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\ESET[2009-07-21 15:56:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\EurekaLog[2009-07-21 12:32:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\foobar2000[2009-02-11 22:00:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu[2009-04-04 23:57:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Hamachi[2009-04-26 18:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\HEXelon[2009-04-05 09:47:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\id Software[2009-02-04 14:32:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Leadertech[2009-03-04 23:33:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\LG Electronics[2009-05-17 15:48:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\MobMapUpdater[2009-02-11 23:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Nowe Gadu-Gadu[2009-01-26 21:35:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Opera[2009-04-30 18:43:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\SecuROM[2009-04-30 16:28:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Sports Interactive[2009-06-20 16:29:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\teamspeak2[2009-03-09 08:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\The Creative Assembly[2009-02-16 20:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Thunderbird[2009-01-26 21:50:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-07-10 19:23:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Halina\Dane aplikacji[2009-07-10 19:23:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Halina\Dane aplikacji\ESET[2009-06-08 18:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Halina\Dane aplikacji\foobar2000[2009-01-27 10:42:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Halina\Dane aplikacji\Opera[2009-01-26 21:16:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-07-11 20:21:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji[2009-03-08 18:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\Cool Record Edit Pro[2009-07-11 20:21:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\ESET[2009-01-29 15:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\Gadu-Gadu[2009-02-14 21:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\Nowe Gadu-Gadu[2009-01-27 11:50:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\Opera[2009-03-08 17:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Natalka\Dane aplikacji\Samsung[2009-01-26 21:15:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2009-07-20 23:28:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job[2009-07-20 20:18:37 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job[2001-07-21 22:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-07-21 15:55:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT[2009-07-21 15:57:10 | 00,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{263C032E-50AD-4122-B838-927203621CA1}.job========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2< End of report >

Z gory dzieki za pomoc.

Gość
komentarz
komentarz

W logu nic nie ma oprócz kosmetyki.

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)O8 - Extra context menu item: ÓñČĚŘľ«ÁéĎÂÔŘ(&B) - Reg Error: Value error. File not foundO8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm File not foundO3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not foundO3 - HKU\S-1-5-21-73586283-1580436667-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found:Commands[emptytemp][start explorer][Reboot]

Klikasz w Run Fix i zatwierdzasz restart komputera.

Po restarcie pokazujesz log z czyszczenia.

.

xav
komentarz
komentarz
All processes killed========== OTL ==========No active process named explorer.exe was found!Starting removal of ActiveX control {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}C:\Program Files\WebEx\ieatgpc.inf moved successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ÓñČĚŘľ«ÁéĎÂÔŘ(&B)\ deleted successfully.Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Pobierz z &BitSpirit\ deleted successfully.Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.Registry value HKEY_USERS\S-1-5-21-73586283-1580436667-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.========== COMMANDS ==========[EMPTYTEMP]User: All UsersUser: Damian->Temp folder emptied: 11097786 bytes->Temporary Internet Files folder emptied: 28007905 bytes->Java cache emptied: 29297102 bytes->FireFox cache emptied: 44787713 bytes->Opera cache emptied: 24854972 bytesUser: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 33170 bytesUser: Halina->Temp folder emptied: 16311924 bytes->Temporary Internet Files folder emptied: 3629992 bytes->Java cache emptied: 19424203 bytes->FireFox cache emptied: 78208841 bytes->Opera cache emptied: 21840073 bytesUser: LocalService->Temp folder emptied: 0 bytesFile delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.->Temporary Internet Files folder emptied: 33172 bytesUser: Natalka->Temp folder emptied: 70974631 bytes->Temporary Internet Files folder emptied: 40551467 bytes->Java cache emptied: 19424174 bytes->Opera cache emptied: 45771915 bytesUser: NetworkService->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 920643 bytes%systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 2134153 bytes%systemroot%\System32 .tmp files removed: 2932772 bytesWindows Temp folder emptied: 16867 bytesRecycleBin emptied: 0 bytesTotal Files Cleaned = 438,93 mbOTL by OldTimer - Version 3.0.9.2 log created on 07212009_163153Files\Folders moved on Reboot...Registry entries deleted on Reboot...
MarekM25
komentarz
komentarz (edytowane)

Jest ok;)

Jeżeli nie usunąłeś programów ochronnych to zrób to i zostaw jeden;)

O1 HOSTS File: (317633 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1	   localhostO1 - Hosts: 127.0.0.1	www.007guard.comO1 - Hosts: 127.0.0.1	007guard.comO1 - Hosts: 127.0.0.1	008i.comO1 - Hosts: 127.0.0.1	www.008k.comO1 - Hosts: 127.0.0.1	008k.comO1 - Hosts: 127.0.0.1	www.00hq.comO1 - Hosts: 127.0.0.1	00hq.comO1 - Hosts: 127.0.0.1	010402.comO1 - Hosts: 127.0.0.1	www.032439.comO1 - Hosts: 127.0.0.1	032439.comO1 - Hosts: 127.0.0.1	www.0scan.comO1 - Hosts: 127.0.0.1	0scan.comO1 - Hosts: 127.0.0.1	www.1000gratisproben.comO1 - Hosts: 127.0.0.1	1000gratisproben.comO1 - Hosts: 127.0.0.1	www.1001namen.comO1 - Hosts: 127.0.0.1	1001namen.comO1 - Hosts: 127.0.0.1	100888290cs.comO1 - Hosts: 127.0.0.1	www.100888290cs.comO1 - Hosts: 127.0.0.1	100sexlinks.comO1 - Hosts: 127.0.0.1	www.100sexlinks.comO1 - Hosts: 127.0.0.1	10sek.comO1 - Hosts: 127.0.0.1	www.10sek.comO1 - Hosts: 127.0.0.1	www.1-2005-search.comO1 - Hosts: 127.0.0.1	1-2005-search.comO1 - Hosts: 10896 more lines...

Wywal wszystko z pliki Hosts ( C:\WINDOWS\System32\drivers\etc\Hosts) a zostaw tylko O1 - Hosts: 127.0.0.1 localhost

xav
komentarz
komentarz

Z antyspyware'ow zostawilem Spy Doctora, dodatkowo sciagnalem wersje testowa KIS2010.

Co do hostow- ktory usunac?

208bo05.jpg

MarekM25
komentarz
komentarz (edytowane)

Żaden tylko otwórz za pomocą notatnika plik hosts i usuń z niego wszystkie wpisy poza Hosts: 127.0.0.1 localhost

xav
komentarz
komentarz

Okej, usunalem te wpisy.

Wielkie dzieki za pomoc Wam obu. ;)

Temat do zamkniecia.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.