Konioklonio utworzono 12 sierpnia 2009 utworzono 12 sierpnia 2009 (edytowane) Złapałem jakiegoś wirusa, ściągając patch do gry, a antywirus nie może go usunąć ( UPC Smart Guard czyli F-Secure 2009 ). Log do sprawdzenia OTL logfile created on: 2009-08-12 19:06:49 - Run 1OTL by OldTimer - Version 3.0.10.6 Folder = D:\Pobieranie - Firefox Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 11,72 Gb Total Space | 6,05 Gb Free Space | 51,64% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 153,97 Gb Free Space | 69,62% Space Free | Partition Type: NTFS Drive E: | 656,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-146D1BD986F Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009-06-10 08:28:50 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2009-06-24 11:14:50 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\fsgk32st.exe PRC - [2008-09-23 15:37:18 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FSMA32.EXE PRC - [2009-07-07 17:09:12 | 00,466,048 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\FSGK32.EXE PRC - [2009-06-29 11:08:56 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe PRC - [2008-09-23 15:37:20 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FSMB32.EXE PRC - [2009-07-10 19:07:00 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- D:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2008-09-23 15:37:18 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FCH32.EXE PRC - [2008-09-23 15:37:18 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FAMEH32.EXE PRC - [2008-09-23 15:35:14 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\fsqh.exe PRC - [2008-09-23 15:37:28 | 00,686,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FSPC\fspc.exe PRC - [2008-09-23 15:34:32 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FSAUA\program\fsaua.exe PRC - [2009-07-07 17:09:12 | 00,586,880 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\fssm32.exe PRC - [2008-09-23 15:37:54 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\ORSP Client\fsorsp.exe PRC - [2008-09-23 15:35:40 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FWES\Program\fsdfwd.exe PRC - [2008-10-10 15:08:46 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FSAUA\program\fsus.exe PRC - [2009-06-24 11:14:50 | 00,347,744 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\fsav32.exe PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-08-15 05:13:26 | 30,003,200 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe PRC - [2008-09-23 15:37:18 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FSM32.EXE PRC - [2009-07-23 19:30:06 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2008-09-23 15:36:54 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FSGUI\fsguidll.exe PRC - [2009-08-12 19:05:45 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\Pobieranie - Firefox\OTL(2).exe PRC - [2009-08-09 10:48:55 | 00,908,280 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe ========== Win32 Services (SafeList) ========== SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009-06-24 11:14:50 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running]) SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2008-09-23 15:34:32 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running]) SRV - [2008-09-23 15:35:40 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\FWES\Program\fsdfwd.exe -- (FSDFWD [On_Demand | Running]) SRV - [2008-09-23 15:37:18 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\Common\FSMA32.EXE -- (FSMA [Auto | Running]) SRV - [2008-09-23 15:37:54 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running]) SRV - [2009-07-23 19:30:10 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca0bbb4535872a [Auto | Stopped]) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped]) SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2009-06-10 08:28:50 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running]) SRV - [2009-06-29 11:08:56 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2009-07-10 19:07:00 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running]) SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- D:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) ========== Driver Services (SafeList) ========== DRV - [2007-06-29 14:47:34 | 00,034,304 | ---- | M] (AMD, Inc.) -- C:\WINDOWS\System32\DRIVERS\AmdLLD.sys -- (AmdLLD [On_Demand | Running]) DRV - [2007-05-14 23:38:22 | 00,009,216 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\DRIVERS\Amfilter.sys -- (Amfilter [system | Running]) DRV - [2007-05-14 23:41:46 | 00,014,336 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\DRIVERS\Amusbprt.sys -- (Amusbprt [On_Demand | Stopped]) DRV - [2008-09-23 15:35:18 | 00,039,776 | ---- | M] () -- C:\Program Files\UPC SmartGuard\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter [Disabled | Stopped]) DRV - [2009-07-07 17:09:43 | 00,099,960 | ---- | M] () -- C:\Program Files\UPC SmartGuard\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running]) DRV - [2008-09-23 15:37:06 | 00,066,720 | ---- | M] (F-Secure Corporation) -- C:\Program Files\UPC SmartGuard\HIPS\drivers\fshs.sys -- (F-Secure HIPS [system | Running]) DRV - [2008-09-23 15:35:18 | 00,025,184 | ---- | M] () -- C:\Program Files\UPC SmartGuard\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer [Disabled | Stopped]) DRV - [2009-07-08 10:38:25 | 00,033,920 | ---- | M] () -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts [boot | Running]) DRV - [2008-09-23 15:35:38 | 00,079,904 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW [boot | Running]) DRV - [1996-04-03 21:33:26 | 00,005,248 | ---- | M] () -- C:\WINDOWS\system32\giveio.sys -- (giveio [boot | Running]) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2008-02-14 08:12:00 | 01,389,056 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\monfilt.sys -- (monfilt [On_Demand | Running]) DRV - [2004-08-15 02:00:00 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2009-06-10 18:33:00 | 08,087,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2009-07-10 19:06:33 | 00,138,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped]) DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2009-02-25 19:55:00 | 00,009,088 | ---- | M] () -- D:\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32 [On_Demand | Running]) DRV - [2008-07-01 05:27:44 | 00,108,800 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006-09-24 15:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\speedfan.sys -- (speedfan [boot | Running]) DRV - [2009-06-26 09:41:02 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2005-08-30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped]) DRV - [2005-08-30 01:49:34 | 00,008,336 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped]) DRV - [2005-08-30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped]) DRV - [2008-07-25 14:09:24 | 00,845,184 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viahduaa.sys -- (VIAHdAudAddService [On_Demand | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\S-1-5-21-1659004503-1614895754-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1659004503-1614895754-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKU\S-1-5-21-1659004503-1614895754-839522115-500\S-1-5-21-1659004503-1614895754-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-28 16:14:07 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-07-23 19:30:14 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: D:\Mozilla Firefox\components [2009-08-09 14:28:06 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: D:\Mozilla Firefox\plugins [2009-08-09 10:49:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: D:\Mozilla Thunderbird\components [2009-07-23 19:30:11 | 00,000,000 | ---D | M] [2009-07-01 08:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions [2009-07-01 08:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-08-12 12:50:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\0xzh2nyy.default\extensions Hosts file not found O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Free Download Manager\iefdm2.dll () O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\UPC SmartGuard\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\UPC SmartGuard\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RivaTunerStartupDaemon] D:\RivaTuner v2.24\RivaTuner.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1614895754-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - D:\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w Free Download Manager - D:\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - D:\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - D:\Free Download Manager\dlselected.htm () O9 - Extra Button: Kontrola rodzicielska... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\UPC SmartGuard\FSPC\fspcmsie.dll (F-Secure Corporation) O9 - Extra 'Tools' menuitem : Kontrola rodzicielska... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\UPC SmartGuard\FSPC\fspcmsie.dll (F-Secure Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\UPC SmartGuard\FSPS\program\fslsp.dll (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\UPC SmartGuard\FSPS\program\fslsp.dll (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\UPC SmartGuard\FSPS\program\fslsp.dll (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\UPC SmartGuard\FSPS\program\fslsp.dll (F-Secure Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-24 10:28:27 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-01-27 17:02:52 | 00,000,030 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{22a90242-60a7-11de-85a8-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{22a90242-60a7-11de-85a8-806d6172696f}\Shell\AutoRun\command - "" = E:\pcformat.exe -- [2008-01-24 12:16:12 | 02,199,040 | R--- | M] () O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2 C:\WINDOWS\System32\*.tmp files] [2009-08-12 18:55:23 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk [2009-08-12 18:55:22 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009-08-12 18:50:12 | 00,002,456 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg [2009-08-12 18:39:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\SmitFraudFix 2.423 [2009-08-12 16:18:08 | 00,000,445 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\KungFu-L2.lnk [2009-08-12 16:08:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield [2009-08-12 14:11:00 | 00,000,339 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Muzyka.lnk [2009-08-12 12:02:06 | 00,000,000 | ---D | C] -- C:\Downloads [2009-08-12 11:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\Software Informer [2009-08-12 11:55:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Software Informer [2009-08-12 11:55:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2009-08-12 11:55:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2009-08-06 18:30:03 | 00,000,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do fraps.exe.lnk [2009-08-06 10:13:53 | 00,000,595 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Medieval 2 Total War.lnk [2009-08-04 14:12:59 | 00,094,000 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_mdm.sys [2009-08-04 14:12:59 | 00,058,320 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_bus.sys [2009-08-04 14:12:59 | 00,008,336 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_mdfl.sys [2009-08-04 14:12:59 | 00,006,176 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_cmnt.sys [2009-08-04 14:12:59 | 00,006,176 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_cm.sys [2009-08-04 14:12:59 | 00,005,840 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_whnt.sys [2009-08-04 14:12:59 | 00,005,840 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ssm_wh.sys [2009-08-04 14:12:58 | 00,022,486 | R--- | C] () -- C:\WINDOWS\System32\UnInstall_Driver.ico [2009-08-04 14:12:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers [2009-08-04 13:18:57 | 00,001,478 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Wylacz.exe.lnk [2009-07-30 18:24:08 | 00,000,500 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do RivaTuner.exe.lnk [2009-07-29 09:12:20 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Need for Sped Pro Street.lnk [2009-07-28 08:26:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-07-28 08:26:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Codemasters [2009-07-28 08:22:36 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL [2009-07-28 08:22:35 | 00,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-07-28 08:22:35 | 00,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2009-07-28 08:21:23 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2009-07-28 08:21:23 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2009-07-28 08:21:22 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2009-07-28 08:21:20 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2009-07-28 08:21:20 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2009-07-28 08:21:19 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2009-07-28 08:21:19 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2009-07-28 08:21:17 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2009-07-28 08:21:17 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2009-07-28 08:21:16 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2009-07-28 08:21:15 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2009-07-28 08:21:15 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2009-07-28 08:21:14 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2009-07-28 08:21:14 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2009-07-28 08:21:12 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2009-07-28 08:21:12 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2009-07-28 08:21:11 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2009-07-28 08:21:10 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2009-07-28 08:21:10 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2009-07-28 08:21:09 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2009-07-28 08:21:08 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2009-07-28 08:21:08 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2009-07-28 08:21:07 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2009-07-28 08:21:06 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2009-07-28 08:21:05 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2009-07-28 08:21:04 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2009-07-28 08:21:04 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2009-07-28 08:21:03 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2009-07-28 08:21:02 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2009-07-28 08:21:01 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2009-07-28 08:21:00 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2009-07-28 08:21:00 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2009-07-28 08:20:59 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2009-07-28 08:20:58 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2009-07-28 08:20:55 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2009-07-28 08:20:55 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2009-07-28 08:20:54 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2009-07-28 08:19:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs [2009-07-28 08:16:52 | 00,000,454 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Race Driver GRID.lnk [2009-07-26 13:30:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS ProStreet [2009-07-24 10:45:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\F-Secure [2009-07-24 09:25:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads [2009-07-23 21:28:26 | 04,833,732 | -H-- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-07-23 19:41:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Temp [2009-07-23 19:36:36 | 00,001,036 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-07-23 19:36:36 | 00,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-07-23 19:30:48 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje wideo [2009-07-23 19:30:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Real [2009-07-23 19:30:41 | 00,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2009-07-23 19:30:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2009-07-23 19:30:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2009-07-23 19:30:11 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2009-07-23 19:30:07 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009-07-23 19:30:07 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-07-23 19:30:07 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2009-07-23 19:30:07 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2009-07-23 19:30:06 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009-07-23 19:30:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real [2009-07-23 19:30:05 | 00,000,000 | ---D | C] -- C:\Program Files\Real [2009-07-23 19:29:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Real [2009-07-23 19:24:31 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\WINDOWS\System32\iconv.dll [2009-07-23 19:24:31 | 00,675,840 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax [2009-07-22 09:32:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\My Battle for Middle-earth Files [2009-07-21 19:04:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2009-07-16 13:20:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DivX [2009-07-16 13:20:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Media Player Classic [2009-06-26 09:34:32 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-06-24 14:43:04 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-24 14:43:03 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-24 14:43:03 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-24 14:43:03 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-24 14:43:02 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-06-24 14:43:02 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-24 11:41:53 | 00,138,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-06-24 11:20:27 | 00,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys [2009-06-24 10:46:57 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009-06-24 10:46:42 | 00,033,205 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-06-24 10:46:41 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-06-10 08:29:34 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-06-10 08:29:34 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-06-10 08:29:34 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-06-10 08:29:32 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-22 00:16:20 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [1996-04-03 21:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys ========== Files - Modified Within 30 Days ========== [2 C:\WINDOWS\System32\*.tmp files] [2009-08-12 18:55:23 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk [2009-08-12 18:50:13 | 00,002,456 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg [2009-08-12 18:41:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-08-12 18:37:43 | 01,109,384 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-08-12 18:37:43 | 00,497,412 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-08-12 18:37:43 | 00,439,484 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-08-12 18:37:43 | 00,086,904 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-08-12 18:37:43 | 00,070,556 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-08-12 18:35:17 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2009-08-12 18:35:17 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-08-12 18:35:17 | 00,000,223 | RHS- | M] () -- C:\boot.ini [2009-08-12 18:34:23 | 00,236,038 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2009-08-12 18:34:20 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-08-12 18:33:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-08-12 18:33:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-08-12 18:30:59 | 04,833,732 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-08-12 16:18:08 | 00,000,445 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\KungFu-L2.lnk [2009-08-12 14:11:00 | 00,000,339 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Muzyka.lnk [2009-08-12 13:39:02 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2009-08-07 10:00:12 | 00,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy.job [2009-08-06 18:30:03 | 00,000,428 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do fraps.exe.lnk [2009-08-06 10:13:53 | 00,000,595 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Medieval 2 Total War.lnk [2009-08-05 12:41:39 | 00,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2009-08-04 13:20:18 | 00,001,478 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Wylacz.exe.lnk [2009-08-02 10:27:28 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-07-30 18:24:08 | 00,000,500 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do RivaTuner.exe.lnk [2009-07-29 09:12:20 | 00,000,736 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Need for Sped Pro Street.lnk [2009-07-28 08:22:36 | 00,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-07-28 08:22:35 | 00,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2009-07-28 08:16:52 | 00,000,454 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Race Driver GRID.lnk [2009-07-23 19:30:11 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2009-07-23 19:30:07 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009-07-23 19:30:07 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2009-07-23 19:30:07 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-07-23 19:30:07 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2009-07-23 19:30:07 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll ========== LOP Check ========== [2009-08-12 16:08:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji [2009-08-12 18:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2009-07-24 10:45:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\F-Secure [2009-07-22 09:32:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\My Battle for Middle-earth Files [2009-08-12 18:35:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Software Informer [2009-07-09 13:44:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thunderbird [2009-08-12 11:55:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-06-24 12:50:15 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31} [2009-06-29 11:08:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient [2009-07-28 08:26:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-06-26 09:40:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-08-12 11:55:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2009-06-24 11:06:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure [2009-06-24 11:06:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fssg [2009-08-06 18:29:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-06-29 12:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-06-24 12:08:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip [2009-06-24 12:12:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-06-24 10:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-06-24 10:31:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-08-12 18:34:20 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2009-08-12 18:41:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2009-08-12 18:33:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-08-07 10:00:12 | 00,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Spybot - Search & Destroy.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > Proszę bardzo
Psycholandia komentarz 12 sierpnia 2009 komentarz 12 sierpnia 2009 Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
Gość komentarz 12 sierpnia 2009 komentarz 12 sierpnia 2009 Log jest OK. Gdzie AV wykrywa tego wirusa? .
Konioklonio komentarz 12 sierpnia 2009 Autor komentarz 12 sierpnia 2009 W folderze do którego rozpakowałem patch, czyli w folderze z grą. Mogę jeszcze wrzucić log z Smith Freauda.
Gość komentarz 12 sierpnia 2009 komentarz 12 sierpnia 2009 Może Screen jak wykrywa tego wirusa? Raczej SmitFraudFix to nic nie pomoże po on raczej nie jest on do takich infecji, loga możesz wklejić. .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.