dudeck, posted 2 September 2009

Hi. For over a week avast has been throwing a trojan alert at me. I don't remember exactly where, but it is in the system drivers. Below I am posting a scan from OTL.

Log to check:

OTL logfile created on: 2009-09-02 17:46:24 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Mati\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1023,48 Mb Total Physical Memory | 413,89 Mb Available Physical Memory | 40,44% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,36% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,97 Gb Total Space | 1,44 Gb Free Space | 7,22% Space Free | Partition Type: NTFS
Drive D: | 32,47 Gb Total Space | 3,75 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive E: | 22,11 Gb Total Space | 3,40 Gb Free Space | 15,39% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DUDEK
Current User Name: Mati
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2004-09-07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2004-08-04 02:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-06-30 18:00:42 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe PRC - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2004-06-03 21:51:54 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-03-06 21:07:30 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\WINDOWS\System32\qttask.exe PRC - [2009-03-09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2008-11-15 06:53:14 | 06,447,744 | ---- | M] () -- C:\xampp\mysql\bin\mysqld.exe PRC - [2009-01-17 16:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) 
-- C:\Program Files\Tlen.pl\tlen.exe PRC - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2004-08-04 01:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2003-04-30 17:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\persfw.exe PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-08-16 21:04:08 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2003-07-15 07:45:18 | 00,196,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE PRC - [2003-08-06 22:24:20 | 12,037,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE PRC - [2009-07-10 11:27:57 | 00,396,288 | ---- | M] (Trend Micro Inc.) 
-- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe PRC - [2009-09-02 17:45:44 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe -- (Apache2.2 [Auto | Running]) SRV - [2007-10-24 02:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2007-10-24 02:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2007-10-09 13:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-02-25 00:02:03 | 00,133,104 | ---- | M] (Google Inc.) 
-- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c996cb8a1ea944 [Auto | Stopped]) SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-10-11 10:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped]) SRV - [2004-09-07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running]) SRV - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running]) SRV - [2008-11-15 06:53:14 | 06,447,744 | ---- | M] () -- C:\xampp\mysql\bin\mysqld.exe -- (mysql [Auto | Running]) SRV - [2007-10-11 10:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running]) SRV - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2003-04-30 17:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal 
Firewall\persfw.exe -- (PersFw [Auto | Running]) SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) ========== Driver Services (SafeList) ========== DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running]) DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running]) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running]) DRV - [2002-04-15 13:28:32 | 00,102,912 | ---- | M] () -- C:\WINDOWS\System32\Drivers\fwdrv.sys -- (fwdrv [system | Running]) DRV - [2006-03-01 10:25:12 | 00,008,704 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped]) DRV - [2004-09-07 16:27:22 | 00,091,136 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running]) DRV - [2004-09-07 16:27:38 | 00,028,544 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [system | Running]) DRV - [2004-08-04 06:04:28 | 00,026,624 | R--- | M] (IC Plus Corp. 
) -- C:\WINDOWS\System32\DRIVERS\ipfnd51.sys -- (ip100xp [On_Demand | Running]) DRV - [2009-01-15 09:19:00 | 06,301,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2004-06-03 04:40:46 | 00,079,360 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus [boot | Running]) DRV - [2004-05-25 09:58:02 | 00,048,640 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvax.sys -- (nvax [On_Demand | Running]) DRV - [2004-05-25 09:58:04 | 00,396,032 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvapu.sys -- (nvnforce [On_Demand | Running]) DRV - [2003-10-29 07:02:00 | 00,021,120 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp [boot | Running]) DRV - [2002-09-29 01:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running]) DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2009-07-09 17:56:14 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2007-05-02 12:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped]) DRV - [2007-05-02 12:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped]) DRV - [2007-05-02 12:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped]) DRV - [2009-02-06 
17:12:56 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - 
HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\s-1-5-21-448539723-573735546-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Astroburn Search" FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.2 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.30.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20090810 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-04-26 13:56:36 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009-07-18 20:05:21 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-08-16 21:27:05 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-08-16 21:04:18 | 
00,000,000 | ---D | M] [2009-02-06 13:40:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Extensions [2009-02-06 13:40:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-02 17:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions [2009-06-15 21:14:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66} [2009-08-20 16:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2009-08-19 16:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-07-20 14:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2009-08-19 16:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\pl@dictionaries.addons.mozilla.org [2009-03-16 19:53:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\SignPlugin@bph.pl [2009-09-02 17:45:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-08-16 21:04:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-04-26 13:56:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009-04-27 10:47:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla 
firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-08-16 21:04:04 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-08-16 21:04:04 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-03-09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2003-01-13 17:08:06 | 00,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll [2009-08-16 21:04:11 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2003-07-15 07:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2004-12-14 03:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-08-16 21:04:13 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-16 21:04:13 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-16 21:04:13 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-16 21:04:13 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-16 21:04:13 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-16 21:04:13 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-16 21:04:13 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (316342 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com 
O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10878 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll (Google Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll () O3 - HKU\s-1-5-21-448539723-573735546-839522115-1003\..\Toolbar\WebBrowser: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. 
z o.o.) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\s-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\s-1-5-19_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\s-1-5-20_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll (Google Inc.) 
O9 - Extra Button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O9 - Extra 'Tools' menuitem : Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\.DEFAULT\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\s-1-5-21-448539723-573735546-839522115-1003\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.63.129.30 84.201.208.218 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common 
Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-02-06 13:06:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-03-20 17:42:25 | 00,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2015-08-24 19:41:23 | 00,000,787 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\EVEREST Ultimate Edition.lnk [2009-09-02 17:45:45 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe [2009-09-01 16:49:56 | 00,098,457 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\DSC01679.JPG [2009-08-24 20:01:53 | 05,292,054 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\komp.bmp [2009-08-24 19:40:58 | 09,880,664 | ---- | C] (Lavalys, Inc. 
) -- C:\Documents and Settings\Mati\Pulpit\everestultimate502.exe [2009-08-20 22:04:36 | 00,014,433 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Grace_(NAPiSY-110514).NS.zip [2009-08-20 14:09:51 | 04,244,198 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie2.bmp [2009-08-20 13:07:59 | 04,244,198 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie1.bmp [2009-08-20 12:36:18 | 00,013,930 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\szlaczek2.jpg [2009-08-20 12:31:48 | 00,023,142 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\img-thing.jpg [2009-08-20 12:26:36 | 00,002,539 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Microsoft Office Word 2003.lnk [2009-08-19 13:40:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-08-19 13:39:50 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009-08-17 11:53:12 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\asi podreczniki.doc [2009-08-17 10:46:00 | 00,342,475 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\cuban-tree-frog-081709-xl.jpg [2009-08-13 20:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-08-13 20:55:40 | 00,001,914 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-08-13 20:55:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Moje dokumenty\DAEMON Tools Lite [2009-08-13 20:55:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Lite [2009-08-10 16:51:36 | 00,000,499 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Resume AOL Safety and Security Center Download.lnk [2009-08-10 16:51:31 | 00,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini [2009-08-10 16:51:30 | 00,001,635 | -H-- | C] () -- C:\IPH.PH [2009-08-10 16:50:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\AOL 9.0 [2009-08-07 21:55:53 | 00,317,571 
| ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\screen2.jpg [2009-08-07 21:55:34 | 05,292,054 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\screen.bmp [2009-08-04 23:39:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\Nowy folder (4) [2009-08-04 23:36:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\Nowy folder [2009-08-04 22:22:47 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\PODZIĘKOWANIE ZA SOLIDARNOŚĆ Z OJCEM ŚWIĘTYM.msg [2009-08-02 19:31:54 | 00,048,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\83c51d05.sys [2009-07-31 13:26:52 | 00,000,482 | ---- | C] () -- C:\WINDOWS\mamba.ini [2009-07-27 19:55:38 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll [2009-07-20 14:28:52 | 00,000,123 | ---- | C] () -- C:\WINDOWS\Winchat.ini [2009-04-07 18:25:07 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-03-06 21:05:44 | 00,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini [2009-03-06 21:05:44 | 00,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini [2009-03-06 21:05:43 | 00,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini [2009-03-06 21:05:40 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-03-06 21:05:39 | 00,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-03-06 21:05:37 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-02-09 21:24:45 | 00,000,717 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-02-07 21:20:57 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-02-06 17:00:48 | 00,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-02-06 16:47:25 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-02-06 15:37:04 | 00,000,567 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2009-02-06 13:50:02 | 00,102,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FWDRV.SYS [2009-02-06 13:44:45 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-01-15 09:19:00 | 01,724,416 | ---- 
| C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-15 09:19:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-15 09:19:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-15 09:19:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2004-08-04 02:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-04-30 09:37:02 | 00,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojubus.sys [2004-04-30 09:33:00 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojuscsi.sys [2003-04-08 12:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-09-29 01:00:00 | 00,009,415 | ---- | C] () -- C:\WINDOWS\system.ini [2002-09-29 01:00:00 | 00,001,045 | ---- | C] () -- C:\WINDOWS\win.ini ========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2015-08-24 19:41:23 | 00,000,787 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\EVEREST Ultimate Edition.lnk [2015-08-24 19:41:09 | 09,880,664 | ---- | M] (Lavalys, Inc. 
) -- C:\Documents and Settings\Mati\Pulpit\everestultimate502.exe [2009-09-02 17:48:25 | 00,048,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\83c51d05.sys [2009-09-02 17:45:44 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe [2009-09-02 17:33:53 | 00,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-09-02 17:33:49 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-09-02 17:33:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-02 17:33:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-02 10:05:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-09-02 09:11:01 | 00,277,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-01 20:46:13 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-01 16:50:55 | 00,098,457 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\DSC01679.JPG [2009-08-27 21:27:09 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-08-26 20:19:55 | 00,008,890 | ---- | M] () -- C:\WINDOWS\System32\quicktime.qtp [2009-08-24 20:01:54 | 05,292,054 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\komp.bmp [2009-08-22 20:26:30 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-08-20 22:04:32 | 00,014,433 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Grace_(NAPiSY-110514).NS.zip [2009-08-20 14:09:51 | 04,244,198 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie2.bmp [2009-08-20 13:08:00 | 04,244,198 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie1.bmp [2009-08-20 13:02:36 | 00,070,272 | ---- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-08-20 12:36:18 | 00,013,930 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\szlaczek2.jpg [2009-08-20 12:31:48 | 00,023,142 | 
---- | M] () -- C:\Documents and Settings\Mati\Pulpit\img-thing.jpg [2009-08-20 12:26:41 | 00,002,539 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Microsoft Office Word 2003.lnk [2009-08-18 15:04:58 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-08-17 18:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-08-17 18:06:54 | 00,093,392 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-08-17 18:02:50 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-08-17 11:53:12 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\asi podreczniki.doc [2009-08-17 10:46:00 | 00,342,475 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\cuban-tree-frog-081709-xl.jpg [2009-08-16 21:25:58 | 00,009,415 | ---- | M] () -- C:\WINDOWS\system.ini [2009-08-16 21:25:58 | 00,001,045 | ---- | M] () -- C:\WINDOWS\win.ini [2009-08-16 21:25:58 | 00,000,425 | RHS- | M] () -- C:\boot.ini [2009-08-15 19:30:13 | 00,409,600 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-08-15 19:30:13 | 00,114,688 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) 
-- C:\WINDOWS\System32\OpenAL32.dll [2009-08-15 18:59:38 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-08-13 21:28:52 | 00,001,914 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-08-12 21:40:26 | 03,209,422 | -H-- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-08-11 18:28:43 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-08-10 16:52:29 | 00,001,635 | -H-- | M] () -- C:\IPH.PH [2009-08-10 16:52:02 | 00,000,499 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Resume AOL Safety and Security Center Download.lnk [2009-08-10 16:51:31 | 00,000,030 | ---- | M] () -- C:\WINDOWS\atid.ini [2009-08-07 22:11:32 | 00,000,567 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2009-08-07 21:56:04 | 00,000,717 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2009-08-07 21:55:53 | 00,317,571 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\screen2.jpg [2009-08-07 21:55:35 | 05,292,054 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\screen.bmp [2009-08-05 00:39:26 | 00,000,255 | ---- | M] () -- C:\Documents and Settings\Mati\Dane aplikacji\burnaware.ini [2009-08-04 22:22:47 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\PODZIĘKOWANIE ZA SOLIDARNOŚĆ Z OJCEM ŚWIĘTYM.msg ========== LOP Check ========== [2009-08-13 21:28:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Aga\Dane aplikacji [2009-08-12 19:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\BESTplayer [2009-08-13 21:19:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\Canneverbe_Limited [2009-02-07 17:09:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\CyberLink [2009-08-13 21:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\DAEMON Tools Lite [2009-02-09 23:51:37 | 00,000,000 | ---D | M] -- C:\Documents and 
Settings\Aga\Dane aplikacji\Gadu-Gadu [2009-08-19 13:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\gtk-2.0 [2009-07-09 22:41:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\ipla [2009-02-08 20:25:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\Samsung [2009-07-21 16:44:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\SpeedSim [2009-08-19 13:40:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-02-06 16:24:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink [2009-08-13 20:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-14 18:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-02-24 23:24:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-07-09 17:37:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2009-07-09 17:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-02-06 16:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2009-06-19 20:08:57 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Asia\Dane aplikacji [2009-03-26 15:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\BESTplayer [2009-02-12 20:57:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\CyberLink [2009-02-07 19:16:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\Gadu-Gadu [2009-06-20 13:27:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\gtk-2.0 [2009-05-06 21:17:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\Samsung [2009-02-06 13:48:43 | 00,000,000 | RH-D | M] -- C:\Documents and 
Settings\Default User\Dane aplikacji [2009-02-06 13:10:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-08-13 20:55:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mati\Dane aplikacji [2009-07-14 13:33:14 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Mati\Dane aplikacji\.# [2009-02-06 15:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\AD ON Multimedia [2009-06-28 18:35:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Ashampoo [2009-06-28 14:49:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Astroburn [2009-08-17 12:19:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\BESTplayer [2009-06-28 18:35:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Canneverbe_Limited [2009-02-11 20:35:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\CyberLink [2009-08-13 20:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Lite [2009-07-09 17:46:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Pro [2009-06-28 14:33:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Download Manager [2009-02-24 23:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\FileZilla [2009-02-14 16:18:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Gadu-Gadu [2009-08-20 13:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\gtk-2.0 [2009-02-10 12:37:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\HateML [2009-02-06 16:53:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\MyPhoneExplorer [2009-02-25 00:50:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Publish Providers [2009-02-08 21:15:32 | 00,000,000 | ---D | 
M] -- C:\Documents and Settings\Mati\Dane aplikacji\Samsung
[2009-02-24 23:32:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Sony
[2009-02-24 23:13:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Sony Setup
[2009-07-24 23:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\SpeedSim
[2009-05-25 11:03:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Thinstall
[2009-08-23 21:32:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Tlen.pl
[2009-06-10 08:35:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Tomato
[2009-02-06 13:09:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-07-16 20:58:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Rodzice\Dane aplikacji
[2002-09-29 01:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-02 17:33:49 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009-09-02 10:05:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009-09-02 17:33:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8FF81EB0
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86
< End of report >

Please help.
Guest commented 2 September 2009

Run OTL and paste the following script into the Custom Scans/Fixes window:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
:Files
C:\WINDOWS\System32\drivers\83c51d05.sys
:Commands
[emptytemp]
[start explorer]
[Reboot]

Click Run Fix. Confirm the computer restart. Then run OTL again, this time using the Run Scan option. Post the new OTL.txt log (from the cleanup + the scan).
dudeck (Author) commented 2 September 2009

The computer froze while shutting down... after the restart:

Log for review
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
========== FILES ==========
File move failed. C:\WINDOWS\System32\drivers\83c51d05.sys scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: Aga
->Temp folder emptied: 49960191 bytes
->Temporary Internet Files folder emptied: 3137958 bytes
->Java cache emptied: 20153797 bytes
->FireFox cache emptied: 98658112 bytes
User: All Users
User: Asia
->Temp folder emptied: 12939 bytes
->Temporary Internet Files folder emptied: 22671259 bytes
->Java cache emptied: 19490435 bytes
->FireFox cache emptied: 95688912 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 65716 bytes
File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes
User: Mati
->Temp folder emptied: 8163385 bytes
->Temporary Internet Files folder emptied: 20669488 bytes
->Java cache emptied: 34073114 bytes
->FireFox cache emptied: 88406364 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Rodzice
->Temp folder emptied: 173402 bytes
->Temporary Internet Files folder emptied: 1940804 bytes
->Java cache emptied: 20046460 bytes
->FireFox cache emptied: 91735370 bytes
%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\LastGood.Tmp\system32 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\INF folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
%systemroot% .tmp files removed: 22217960 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
File delete failed.
C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5cc.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 647936 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 570,25 mb
OTL by OldTimer - Version 3.0.10.7 log created on 09022009_215130
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\System32\drivers\83c51d05.sys scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_5cc.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...

After the rescan:

Log for review
OTL logfile created on: 2009-09-02 22:02:14 - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Mati\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1023,48 Mb Total Physical Memory | 491,94 Mb Available Physical Memory | 48,06% Memory free
2,40 Gb Paging File | 1,91 Gb Available in Paging File | 79,37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,97 Gb Total Space | 1,80 Gb Free Space | 9,02% Space Free | Partition Type: NTFS
Drive D: | 32,47 Gb Total Space | 3,32 Gb Free Space | 10,23% Space Free | Partition Type: NTFS
Drive E: | 22,11 Gb Total Space | 3,40 Gb Free Space | 15,39% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 3,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DUDEK
Current User Name: Mati
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2004-09-07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2004-08-04 02:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-02-25 00:02:03 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2009-06-30 18:00:42 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe PRC - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2008-11-15 06:53:14 | 06,447,744 | ---- | M] () -- C:\xampp\mysql\bin\mysqld.exe PRC - [2004-06-03 21:51:54 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-03-06 21:07:30 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\WINDOWS\System32\qttask.exe PRC - [2009-03-09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-01-17 16:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) 
-- C:\Program Files\Tlen.pl\tlen.exe PRC - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2004-08-04 01:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe PRC - [2003-04-30 17:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\persfw.exe PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2009-08-16 21:04:08 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-09-02 17:45:44 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2008-12-10 01:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe -- (Apache2.2 [Auto | Running]) SRV - [2007-10-24 02:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil 
Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2007-10-24 02:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2007-10-09 13:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-02-25 00:02:03 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c996cb8a1ea944 [Auto | Stopped]) SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-10-11 10:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped]) SRV - [2004-09-07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running]) SRV - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running]) SRV - [2008-11-15 06:53:14 | 06,447,744 | ---- | M] () -- C:\xampp\mysql\bin\mysqld.exe -- (mysql [Auto | Running]) SRV - [2007-10-11 10:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008-10-20 22:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running]) SRV - [2009-01-15 09:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2003-04-30 17:43:32 | 00,389,120 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\persfw.exe -- (PersFw [Auto | Running]) SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) ========== Driver Services (SafeList) ========== DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running]) DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- 
C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running]) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running]) DRV - [2002-04-15 13:28:32 | 00,102,912 | ---- | M] () -- C:\WINDOWS\System32\Drivers\fwdrv.sys -- (fwdrv [system | Running]) DRV - [2006-03-01 10:25:12 | 00,008,704 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped]) DRV - [2004-09-07 16:27:22 | 00,091,136 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running]) DRV - [2004-09-07 16:27:38 | 00,028,544 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [system | Running]) DRV - [2004-08-04 06:04:28 | 00,026,624 | R--- | M] (IC Plus Corp. 
) -- C:\WINDOWS\System32\DRIVERS\ipfnd51.sys -- (ip100xp [On_Demand | Running]) DRV - [2009-01-15 09:19:00 | 06,301,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2004-06-03 04:40:46 | 00,079,360 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus [boot | Running]) DRV - [2004-05-25 09:58:02 | 00,048,640 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvax.sys -- (nvax [On_Demand | Running]) DRV - [2004-05-25 09:58:04 | 00,396,032 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvapu.sys -- (nvnforce [On_Demand | Running]) DRV - [2003-10-29 07:02:00 | 00,021,120 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp [boot | Running]) DRV - [2002-09-29 01:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running]) DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2009-07-09 17:56:14 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2007-05-02 12:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped]) DRV - [2007-05-02 12:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped]) DRV - [2007-05-02 12:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped]) DRV - [2009-02-06 
17:12:56 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [system | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - 
HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\s-1-5-21-448539723-573735546-839522115-1003\s-1-5-21-448539723-573735546-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Astroburn Search" FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.2 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.30.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20090810 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-04-26 13:56:36 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009-07-18 20:05:21 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-08-16 21:27:05 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-08-16 21:04:18 | 
00,000,000 | ---D | M] [2009-02-06 13:40:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Extensions [2009-02-06 13:40:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-02 17:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions [2009-06-15 21:14:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66} [2009-08-20 16:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2009-08-19 16:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-07-20 14:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2009-08-19 16:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\pl@dictionaries.addons.mozilla.org [2009-03-16 19:53:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\mozilla\Firefox\Profiles\qgikqgi2.default\extensions\SignPlugin@bph.pl [2009-09-02 17:45:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-08-16 21:04:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-04-26 13:56:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009-04-27 10:47:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla 
firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-08-16 21:04:04 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-08-16 21:04:04 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-03-09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2003-01-13 17:08:06 | 00,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll [2009-08-16 21:04:11 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2003-07-15 07:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2004-12-14 03:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2004-11-08 21:01:50 | 00,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-08-16 21:04:13 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-16 21:04:13 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-16 21:04:13 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-16 21:04:13 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-16 21:04:13 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-16 21:04:13 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-16 21:04:13 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (316342 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10878 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll (Google Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll () O3 - HKU\s-1-5-21-448539723-573735546-839522115-1003\..\Toolbar\WebBrowser: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp.
z o.o.) O4 - HKU\s-1-5-21-448539723-573735546-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\s-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\s-1-5-19_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\s-1-5-20_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\s-1-5-21-448539723-573735546-839522115-1003_classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll (Google Inc.) 
O9 - Extra Button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O9 - Extra 'Tools' menuitem : Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\FLV Player\MDIEEx.dll (Tomato) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\.DEFAULT\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\s-1-5-21-448539723-573735546-839522115-1003\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.63.129.30 84.201.208.218 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common 
Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-02-06 13:06:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-03-20 17:42:25 | 00,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008-05-19 18:42:26 | 00,000,051 | R--- | M] () - G:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2008-11-20 12:52:53 | 01,444,112 | R--- | M] () - G:\Autorun.exe -- [ UDF ] O33 - MountPoints2\{955fefc1-6cbc-11de-be7d-00508d745470}\Shell - "" = AutoRun O33 - MountPoints2\{955fefc1-6cbc-11de-be7d-00508d745470}\Shell\autorun\command - "" = G:\autorun.exe -- [2008-11-20 12:52:53 | 01,444,112 | R--- | M] () O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2015-08-24 19:41:23 | 00,000,787 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\EVEREST Ultimate Edition.lnk [2009-09-02 21:51:30 | 00,000,000 | ---D | C] -- C:\_OTL [2009-09-02 21:49:51 | 00,027,001 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\alert.JPG [2009-09-02 18:33:41 | 00,000,000 | ---D | C] -- 
C:\Documents and Settings\Mati\Moje dokumenty\gothic3 [2009-09-02 18:33:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Moje dokumenty\Gothic3ForsakenGods [2009-09-02 18:32:34 | 00,000,563 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Gothic 3 - Zmierzch Bogów.lnk [2009-09-02 18:24:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Dane aplikacji\InstallShield [2009-09-02 17:45:45 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe [2009-09-01 16:49:56 | 00,098,457 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\DSC01679.JPG [2009-08-24 20:01:53 | 05,292,054 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\komp.bmp [2009-08-24 19:40:58 | 09,880,664 | ---- | C] (Lavalys, Inc. ) -- C:\Documents and Settings\Mati\Pulpit\everestultimate502.exe [2009-08-20 22:04:36 | 00,014,433 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Grace_(NAPiSY-110514).NS.zip [2009-08-20 14:09:51 | 04,244,198 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie2.bmp [2009-08-20 13:07:59 | 04,244,198 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie1.bmp [2009-08-20 12:36:18 | 00,013,930 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\szlaczek2.jpg [2009-08-20 12:31:48 | 00,023,142 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\img-thing.jpg [2009-08-20 12:26:36 | 00,002,539 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Microsoft Office Word 2003.lnk [2009-08-19 13:40:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-08-19 13:39:50 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009-08-17 11:53:12 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\asi podreczniki.doc [2009-08-17 10:46:00 | 00,342,475 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\cuban-tree-frog-081709-xl.jpg [2009-08-13 20:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane 
aplikacji\DAEMON Tools Lite [2009-08-13 20:55:40 | 00,001,914 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-08-13 20:55:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Moje dokumenty\DAEMON Tools Lite [2009-08-13 20:55:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Lite [2009-08-10 16:51:36 | 00,000,499 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\Resume AOL Safety and Security Center Download.lnk [2009-08-10 16:51:31 | 00,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini [2009-08-10 16:51:30 | 00,001,635 | -H-- | C] () -- C:\IPH.PH [2009-08-10 16:50:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\AOL 9.0 [2009-08-07 21:55:53 | 00,317,571 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\screen2.jpg [2009-08-07 21:55:34 | 05,292,054 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\screen.bmp [2009-08-04 23:39:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\Nowy folder (4) [2009-08-04 23:36:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mati\Pulpit\Nowy folder [2009-08-04 22:22:47 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Mati\Pulpit\PODZIĘKOWANIE ZA SOLIDARNOŚĆ Z OJCEM ŚWIĘTYM.msg [2009-08-02 19:31:54 | 00,048,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\83c51d05.sys [2009-07-31 13:26:52 | 00,000,482 | ---- | C] () -- C:\WINDOWS\mamba.ini [2009-07-27 19:55:38 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll [2009-07-20 14:28:52 | 00,000,123 | ---- | C] () -- C:\WINDOWS\Winchat.ini [2009-04-07 18:25:07 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-03-06 21:05:44 | 00,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini [2009-03-06 21:05:44 | 00,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini [2009-03-06 21:05:43 | 00,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini [2009-03-06 21:05:40 | 00,019,968 | ---- | C] () -- 
C:\WINDOWS\System32\cpuinf32.dll [2009-03-06 21:05:39 | 00,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-03-06 21:05:37 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-02-09 21:24:45 | 00,000,717 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-02-07 21:20:57 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-02-06 17:00:48 | 00,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-02-06 16:47:25 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-02-06 15:37:04 | 00,000,568 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2009-02-06 13:50:02 | 00,102,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FWDRV.SYS [2009-02-06 13:44:45 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-01-15 09:19:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-15 09:19:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-15 09:19:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-15 09:19:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2004-08-04 02:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-04-30 09:37:02 | 00,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojubus.sys [2004-04-30 09:33:00 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojuscsi.sys [2003-04-08 12:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-09-29 01:00:00 | 00,009,415 | ---- | C] () -- C:\WINDOWS\system.ini [2002-09-29 01:00:00 | 00,001,045 | ---- | C] () -- C:\WINDOWS\win.ini ========== Files - Modified Within 30 Days ========== [2015-08-24 19:41:23 | 00,000,787 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\EVEREST Ultimate Edition.lnk [2015-08-24 19:41:09 | 09,880,664 | ---- | M] (Lavalys, Inc. 
) -- C:\Documents and Settings\Mati\Pulpit\everestultimate502.exe [2009-09-02 22:04:23 | 00,048,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\83c51d05.sys [2009-09-02 21:59:25 | 00,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-09-02 21:59:17 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-09-02 21:59:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-02 21:59:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-02 21:50:46 | 00,000,568 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2009-09-02 21:49:51 | 00,027,001 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\alert.JPG [2009-09-02 21:05:07 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-09-02 18:35:42 | 00,070,272 | ---- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-02 18:32:34 | 00,000,563 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Gothic 3 - Zmierzch Bogów.lnk [2009-09-02 17:45:44 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mati\Pulpit\OTL.exe [2009-09-02 09:11:01 | 00,277,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-01 20:46:13 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-01 16:50:55 | 00,098,457 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\DSC01679.JPG [2009-08-27 21:27:09 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-08-26 20:19:55 | 00,008,890 | ---- | M] () -- C:\WINDOWS\System32\quicktime.qtp [2009-08-24 20:01:54 | 05,292,054 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\komp.bmp [2009-08-22 20:26:30 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-08-20 22:04:32 | 00,014,433 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Grace_(NAPiSY-110514).NS.zip [2009-08-20 14:09:51 | 04,244,198 | ---- | M] () -- 
C:\Documents and Settings\Mati\Pulpit\zaproszenie2.bmp [2009-08-20 13:08:00 | 04,244,198 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\zaproszenie1.bmp [2009-08-20 12:36:18 | 00,013,930 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\szlaczek2.jpg [2009-08-20 12:31:48 | 00,023,142 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\img-thing.jpg [2009-08-20 12:26:41 | 00,002,539 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Microsoft Office Word 2003.lnk [2009-08-18 15:04:58 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-08-17 18:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-08-17 18:06:54 | 00,093,392 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-08-17 18:02:50 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-08-17 11:53:12 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\asi podreczniki.doc [2009-08-17 10:46:00 | 00,342,475 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\cuban-tree-frog-081709-xl.jpg [2009-08-16 21:25:58 | 00,009,415 | ---- | M] () -- C:\WINDOWS\system.ini [2009-08-16 21:25:58 | 00,001,045 | ---- | M] () -- C:\WINDOWS\win.ini [2009-08-16 21:25:58 | 00,000,425 | RHS- | M] () -- C:\boot.ini [2009-08-15 19:30:13 | 00,409,600 | ---- | M] 
(Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2009-08-15 19:30:13 | 00,114,688 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2009-08-15 18:59:38 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-08-13 21:28:52 | 00,001,914 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-08-12 21:40:26 | 03,209,422 | -H-- | M] () -- C:\Documents and Settings\Mati\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-08-11 18:28:43 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-08-10 16:52:29 | 00,001,635 | -H-- | M] () -- C:\IPH.PH [2009-08-10 16:52:02 | 00,000,499 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\Resume AOL Safety and Security Center Download.lnk [2009-08-10 16:51:31 | 00,000,030 | ---- | M] () -- C:\WINDOWS\atid.ini [2009-08-07 21:56:04 | 00,000,717 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2009-08-07 21:55:53 | 00,317,571 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\screen2.jpg [2009-08-07 21:55:35 | 05,292,054 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\screen.bmp [2009-08-05 00:39:26 | 00,000,255 | ---- | M] () -- C:\Documents and Settings\Mati\Dane aplikacji\burnaware.ini [2009-08-04 22:22:47 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Mati\Pulpit\PODZIĘKOWANIE ZA SOLIDARNOŚĆ Z OJCEM ŚWIĘTYM.msg ========== LOP Check ========== [2009-08-13 21:28:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Aga\Dane aplikacji [2009-08-12 19:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\BESTplayer [2009-08-13 21:19:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\Canneverbe_Limited [2009-02-07 17:09:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\CyberLink [2009-08-13 21:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\DAEMON Tools Lite 
[2009-02-09 23:51:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\Gadu-Gadu
[2009-08-19 13:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\gtk-2.0
[2009-07-09 22:41:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\ipla
[2009-02-08 20:25:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\Samsung
[2009-07-21 16:44:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Aga\Dane aplikacji\SpeedSim
[2009-08-19 13:40:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-02-06 16:24:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
[2009-08-13 20:57:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-05-14 18:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-02-24 23:24:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2009-07-09 17:37:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2009-07-09 17:36:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-02-06 16:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2009-06-19 20:08:57 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Asia\Dane aplikacji
[2009-03-26 15:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\BESTplayer
[2009-02-12 20:57:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\CyberLink
[2009-02-07 19:16:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\Gadu-Gadu
[2009-06-20 13:27:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\gtk-2.0
[2009-05-06 21:17:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Asia\Dane aplikacji\Samsung
[2009-02-06 13:48:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-02-06 13:10:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-09-02 18:24:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mati\Dane aplikacji
[2009-07-14 13:33:14 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Mati\Dane aplikacji\.#
[2009-02-06 15:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\AD ON Multimedia
[2009-06-28 18:35:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Ashampoo
[2009-06-28 14:49:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Astroburn
[2009-08-17 12:19:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\BESTplayer
[2009-06-28 18:35:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Canneverbe_Limited
[2009-02-11 20:35:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\CyberLink
[2009-08-13 20:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Lite
[2009-07-09 17:46:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\DAEMON Tools Pro
[2009-06-28 14:33:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Download Manager
[2009-02-24 23:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\FileZilla
[2009-02-14 16:18:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Gadu-Gadu
[2009-08-20 13:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\gtk-2.0
[2009-02-10 12:37:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\HateML
[2009-02-06 16:53:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\MyPhoneExplorer
[2009-02-25 00:50:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Publish Providers
[2009-02-08 21:15:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Samsung
[2009-02-24 23:32:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Sony
[2009-02-24 23:13:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Sony Setup
[2009-07-24 23:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\SpeedSim
[2009-05-25 11:03:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Thinstall
[2009-08-23 21:32:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Tlen.pl
[2009-06-10 08:35:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mati\Dane aplikacji\Tomato
[2009-02-06 13:09:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-07-16 20:58:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Rodzice\Dane aplikacji
[2002-09-29 01:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-02 21:59:17 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009-09-02 21:05:07 | 00,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009-09-02 21:59:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8FF81EB0
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86
< End of report >

The avast alert is attached. Does anyone know a better free antivirus and firewall?? I currently use Kerio version 2.xx because it is free.
Guest commented 3 September 2009
OTL could not handle it after all. Use ComboFix and paste its log.
dudeck commented 3 September 2009 (Author)
Log to check

ComboFix 09-09-03.02 - Mati 2009-09-03 22:09.3.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1023.652 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Mati\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090903-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2673517765-265959944-4259492378-1000
c:\documents and settings\Aga\Dane aplikacji\wiaserva.log
c:\documents and settings\Mati\Dane aplikacji\.#
c:\documents and settings\Mati\Dane aplikacji\.#\MBX@CAC@3C4140.###
c:\documents and settings\Mati\Dane aplikacji\.#\MBX@CAC@3C4170.###
c:\documents and settings\Mati\Dane aplikacji\.#\MBX@CAC@3C41A0.###
c:\windows\system32\drivers\83c51d05.sys
c:\windows\system32\ieuinit.inf
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_83c51d05
((((((((((((((((((((((((( Pliki utworzone od 2009-08-03 do 2009-09-03 )))))))))))))))))))))))))))))))
.
2009-09-02 19:51 . 2009-09-02 19:51 -------- d-----w- C:\_OTL
2009-09-02 16:24 . 2009-09-02 16:24 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\InstallShield
2009-08-19 11:40 . 2009-08-19 11:40 -------- d-----w- c:\documents and settings\Aga\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2009-08-19 11:40 . 2009-09-03 09:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-08-19 11:39 . 2009-08-19 11:39 -------- d--h--r- C:\MSOCache
2009-08-13 19:28 . 2009-08-13 19:28 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\DAEMON Tools Lite
2009-08-13 19:19 . 2009-08-13 19:19 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\Canneverbe_Limited
2009-08-13 18:57 . 2009-08-13 18:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-08-13 18:55 . 2009-08-13 18:57 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\DAEMON Tools Lite
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-24 17:41 . 2009-02-06 13:55 -------- d-----w- c:\program files\Lavalys
2009-09-02 16:35 . 2009-02-06 14:28 70272 ----a-w- c:\documents and settings\Mati\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-09-02 16:24 . 2009-02-06 11:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-23 19:32 . 2009-02-06 14:00 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\Tlen.pl
2009-08-22 20:27 . 2009-02-20 15:35 70272 ----a-w- c:\documents and settings\Aga\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-20 11:00 . 2009-02-10 10:36 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\gtk-2.0
2009-08-19 11:44 . 2009-02-06 11:43 -------- d-----w- c:\program files\Microsoft Works
2009-08-19 11:27 . 2009-04-04 10:15 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\gtk-2.0
2009-08-17 16:10 . 2009-02-06 12:27 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-02-06 12:27 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-02-06 12:27 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-02-06 12:27 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-02-06 12:27 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-02-06 12:27 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-02-06 12:27 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-02-06 12:27 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-02-06 12:27 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-17 10:19 . 2009-02-06 12:37 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\BESTplayer
2009-08-15 17:30 . 2009-04-11 20:16 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-15 17:30 . 2009-02-06 11:21 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-13 18:55 . 2009-06-28 12:48 -------- d-----w- c:\program files\Astroburn Toolbar
2009-08-13 18:14 . 2008-06-29 08:07 -------- d-----w- c:\program files\Disney
2009-08-12 17:45 . 2009-02-12 16:43 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\BESTplayer
2009-07-27 17:55 . 2009-07-27 17:55 -------- d-----w- c:\program files\Morgan
2009-07-26 18:39 . 2009-07-26 18:38 -------- d-----w- c:\program files\SE Pro Tools™
2009-07-26 07:32 . 2009-04-14 17:21 65800 ----a-w- c:\documents and settings\Rodzice\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-24 21:33 . 2009-07-24 21:33 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\SpeedSim
2009-07-22 20:33 . 2009-07-22 20:32 -------- d-----w- c:\program files\AquaMark3
2009-07-21 14:44 . 2009-07-21 14:43 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\SpeedSim
2009-07-20 12:29 . 2009-07-20 12:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\nView_Profiles
2009-07-18 18:05 . 2009-02-24 22:02 -------- d-----w- c:\program files\Google
2009-07-16 18:58 . 2009-07-16 18:58 -------- d-----w- c:\documents and settings\Rodzice\Dane aplikacji\AdobeUM
2009-07-14 11:33 . 2009-07-14 11:33 -------- d-----w- c:\program files\Common Files\SWF Studio
2009-07-11 07:21 . 2009-07-11 07:21 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\Malwarebytes
2009-07-11 07:21 . 2009-07-11 07:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-11 07:21 . 2009-07-11 07:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2009-07-10 10:10 . 2009-06-10 06:33 -------- d-----w- c:\program files\Free Offers from Freeze.com
2009-07-10 09:27 . 2009-07-10 09:27 -------- d-----w- c:\program files\Trend Micro
2009-07-10 09:16 . 2009-07-10 09:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-07-10 09:02 . 2009-07-10 09:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-09 20:44 . 2009-05-07 14:57 65800 ----a-w- c:\documents and settings\Asia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-09 20:41 . 2009-05-02 08:35 -------- d-----w- c:\documents and settings\Aga\Dane aplikacji\ipla
2009-07-09 19:57 . 2009-07-09 19:25 -------- d-----w- c:\program files\Microsoft Studio
2009-07-09 19:35 . 2009-07-09 19:35 -------- d-----w- c:\program files\Microsoft WSE
2009-07-09 19:13 . 2009-04-07 16:27 -------- d-----w- c:\program files\Alcohol Soft
2009-07-09 15:56 . 2009-04-07 16:25 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-09 15:46 . 2009-07-09 15:46 -------- d-----w- c:\documents and settings\Mati\Dane aplikacji\DAEMON Tools Pro
2009-07-09 15:37 . 2009-06-28 10:59 -------- d-----w- c:\program files\DAP
2009-07-09 15:37 . 2009-06-28 10:59 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SpeedBit
2009-07-09 15:36 . 2009-02-06 13:56 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-07-07 18:37 . 2009-05-02 09:11 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-17 09:27 . 2009-07-11 07:21 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2009-07-11 07:21 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-14 18:06 . 2009-07-09 19:25 142336 ----a-w- c:\windows\system32\issch.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"= "c:\program files\Astroburn Toolbar\ABToolbar.dll" [2009-02-19 925696]
[HKEY_CLASSES_ROOT\clsid\{efeed92a-a33d-4873-ba8f-32baa631e54d}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{142EECD7-B6CA-4e29-AE5D-A4798EF4FD7F}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"= "c:\program files\Astroburn Toolbar\ABToolbar.dll" [2009-02-19 925696]
[HKEY_CLASSES_ROOT\clsid\{efeed92a-a33d-4873-ba8f-32baa631e54d}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{142EECD7-B6CA-4e29-AE5D-A4798EF4FD7F}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2009-01-17 5853672]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2009-04-24 203416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2009-03-06 98304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Application Data^Microsoft^Shortcuts^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^adobe reader speed launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Tlen.pl\\tlen.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-06 114768]
R1 fwdrv;Kerio Personal Firewall Driver;c:\windows\system32\drivers\FWDRV.SYS [2009-02-06 102912]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-12-10 24636]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-06 20560]
R3 ip100xp;IC Plus IP100 10/100 Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [2009-02-06 26624]
S2 gupdate1c996cb8a1ea944;Google Update Service (gupdate1c996cb8a1ea944);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-25 133104]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{955fefc1-6cbc-11de-be7d-00508d745470}]
\Shell\AutoRun\command - G:\autorun.exe
.
Zawartość folderu 'Zaplanowane zadania'
2009-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-24 22:02]
2009-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-24 22:02]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
IE: Download Video on This Page - c:\program files\Tomato\FLV Player\MDIEEx.dll/211
IE: Download Video This Links To - c:\program files\Tomato\FLV Player\MDIEEx.dll/212
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{11F19C45-9675-488A-A8E0-8E8234DC245D} - res://c:\program files\Tomato\FLV Player\MDIEEx.dll/211
FF - ProfilePath - c:\documents and settings\Mati\Dane aplikacji\Mozilla\Firefox\Profiles\qgikqgi2.default\
FF - prefs.js: browser.search.selectedEngine - Astroburn Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff35\gears.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-03 22:21
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'explorer.exe'(1588)
c:\windows\system32\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Czas ukończenia: 2009-09-03 22:26 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-09-03 20:25
Przed: 1 660 149 760 bajtów wolnych
Po: 3 617 480 704 bajtów wolnych
198
MarekM25 commented 4 September 2009
Combofix removed what needed removing. Clean up after the tools using: OTCleanIT