
Slow system performance, browser hangs, trojan boot.mebroot

drapichrust
posted (edited)

Hello,
for some time I have had problems with the boot.mebroot trojan. I supposedly removed it already using Dr.Web, but something is still wrong with the computer: the browser often hangs and there are problems logging in to websites.

[log]OTL logfile created on: 2009-10-08 12:04:27 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Documents and Settings\B&K&B\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,04 Mb Total Physical Memory | 281,92 Mb Available Physical Memory | 36,75% Memory free
1,83 Gb Paging File | 1,29 Gb Available in Paging File | 70,67% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 1,72 Gb Free Space | 17,56% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 68,44 Gb Free Space | 91,83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 575,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 288,31 Gb Total Space | 93,68 Gb Free Space | 32,49% Space Free | Partition Type: NTFS
Drive H: | 1,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded

Computer Name: BANANOWA-856ED7
Current User Name: B&K&B
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2008-08-30 06:43:18 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-08-30 06:43:18 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\smc.exe
PRC - [2004-08-04 02:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-08-15 05:13:26 | 30,003,200 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
PRC - [2007-07-17 11:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007-06-18 15:10:32 | 00,271,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2009-09-22 18:09:58 | 00,869,688 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
PRC - [2009-06-01 16:03:10 | 00,447,728 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\SpIDerAgent.exe
PRC - [2009-06-30 22:10:28 | 00,644,336 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spiderml.exe
PRC - [2009-08-17 17:47:50 | 00,231,840 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spiderui.exe
PRC - [2004-08-04 00:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-09-19 03:03:58 | 00,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009-08-17 17:47:50 | 00,231,328 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spidernt.exe
PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2007-07-17 11:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008-09-19 07:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2009-02-06 18:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2007-06-15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009-09-11 17:56:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-08 12:03:31 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\B&K&B\Pulpit\OTL.exe
PRC - [2009-07-15 13:07:18 | 00,238,888 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-08-30 06:43:18 | 00,573,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009-09-22 18:09:58 | 00,869,688 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe -- (DrWebEngine [Auto | Running])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008-09-19 03:03:58 | 00,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3 [Auto | Running])
SRV - [2007-06-15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Running])
SRV - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\smc.exe -- (SmcService [Auto | Running])
SRV - [2009-08-17 17:47:50 | 00,231,328 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spidernt.exe -- (SPIDERNT [Auto | Running])
SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2004-09-27 04:45:55 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Temp\Amsmpu4p.sys -- (Amsmpu4p [On_Demand | Stopped])
DRV - [2008-08-30 08:56:04 | 03,300,864 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009-09-23 13:16:34 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2009-09-21 14:47:30 | 00,105,080 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\system32\drivers\dwprot.sys -- (DwProt [Boot | Running])
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2009-09-23 13:16:34 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2008-02-14 08:12:00 | 01,389,056 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\monfilt.sys -- (monfilt [On_Demand | Running])
DRV - [2004-08-15 02:00:00 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2007-02-22 11:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2007-02-22 11:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2007-02-22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys -- (nmwcdcj [On_Demand | Stopped])
DRV - [2007-02-22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])
DRV - [2007-02-28 11:00:06 | 00,023,217 | ---- | M] (INCA Internet Co., Ltd.) -- G:\l2 existance\system\npkcrypt.sys -- (npkcrypt [On_Demand | Stopped])
DRV - [2004-10-06 13:31:04 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-09-25 15:51:42 | 00,115,328 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-08-17 17:47:48 | 00,306,464 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files\DrWeb\spider.sys -- (SPIDER [Auto | Running])
DRV - [2009-09-23 13:21:16 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2004-10-15 18:17:02 | 00,060,496 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys -- (Teefer [Boot | Running])
DRV - [2008-07-25 14:09:24 | 00,845,184 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viahduaa.sys -- (VIAHdAudAddService [On_Demand | Running])
DRV - [2004-10-15 18:32:38 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys -- (wg3n [Auto | Running])
DRV - [2004-10-15 18:32:40 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys -- (wg4n [Auto | Running])
DRV - [2004-10-15 18:32:42 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys -- (wg5n [Auto | Running])
DRV - [2004-10-15 18:32:44 | 00,014,568 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys -- (wg6n [Auto | Running])
DRV - [2004-10-15 18:18:46 | 00,021,075 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys -- (wpsdrvnt [System | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-682003330-1708537768-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1708537768-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ie
IE - HKU\S-1-5-21-682003330-1708537768-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.entretieneteds.vze.com
IE - HKU\S-1-5-21-682003330-1708537768-725345543-1003\S-1-5-21-682003330-1708537768-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-08 00:09:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-14 20:22:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-17 16:31:19 | 00,000,000 | ---D | M]

[2009-06-30 21:52:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\mozilla\Extensions
[2009-06-30 21:52:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-07 14:55:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\mozilla\Firefox\Profiles\tfq0tlbu.default\extensions
[2009-09-08 11:17:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\mozilla\Firefox\Profiles\tfq0tlbu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-10-08 11:56:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-11 17:57:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-08-18 09:56:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-11 17:56:53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-11 17:56:53 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009-09-11 17:56:57 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-06-24 14:27:26 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-06-24 14:27:26 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-06-24 14:27:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-06-24 14:27:26 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-06-24 14:27:26 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-06-24 14:27:26 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-06-24 14:27:26 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SmcService] C:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [SpIDerAgent] C:\Program Files\DrWeb\SpIDerAgent.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerMail] C:\Program Files\DrWeb\spiderml.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerNT] C:\Program Files\DrWeb\spiderui.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-682003330-1708537768-725345543-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-682003330-1708537768-725345543-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-682003330-1708537768-725345543-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-682003330-1708537768-725345543-1003..\Run: [Steam] G:\CounterStrike\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1708537768-725345543-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - G:\Ms Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Ms Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Ms Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\Ms Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-30 21:14:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-11-13 11:47:38 | 00,000,000 | R--D | M] - H:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2006-08-02 10:58:15 | 00,000,057 | R--- | M] () - H:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{33643780-a834-11de-a56c-00248cbcd36c}\Shell - "" = AutoRun
O33 - MountPoints2\{33643780-a834-11de-a56c-00248cbcd36c}\Shell\AutoRun\command - "" = H:\UbiAutorun.exe -- [2004-11-05 18:32:48 | 00,200,704 | R--- | M] (UBISOFT)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[3 C:\WINDOWS\*.tmp files]
[2009-09-17 12:45:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Boss Media
[2009-10-06 15:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Doctor Web
[2009-10-02 22:35:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-09-17 16:28:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2009-10-02 22:35:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Dane aplikacji\ipla
[2009-09-11 20:52:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Dane aplikacji\Microgaming
[2009-09-17 12:45:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\Boss Media
[2009-09-17 16:28:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2009-09-17 16:30:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009-10-06 15:33:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Doctor Web
[2009-10-02 21:48:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009-09-23 13:28:19 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2009-10-06 15:33:07 | 00,000,000 | ---D | C] -- C:\Program Files\DrWeb
[2009-10-02 22:35:46 | 00,000,000 | ---D | C] -- C:\Program Files\ipla
[2009-09-20 12:16:43 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009-09-17 16:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009-09-17 16:30:32 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009-09-17 12:45:07 | 00,000,000 | ---D | C] -- C:\Program Files\ParadisePoker
[2009-09-24 18:36:07 | 00,000,000 | ---D | C] -- C:\Program Files\Replay Converter 3
[2009-10-02 21:48:35 | 00,000,000 | ---D | C] -- C:\Program Files\Sygate
[2009-10-08 12:03:07 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\B&K&B\Pulpit\OTL.exe
[2009-10-06 15:33:23 | 00,105,080 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2009-10-02 21:48:40 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg6n.sys
[2009-10-02 21:48:40 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg5n.sys
[2009-10-02 21:48:40 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg4n.sys
[2009-10-02 21:48:39 | 00,060,496 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\Teefer.sys
[2009-10-02 21:48:39 | 00,021,075 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys
[2009-10-02 21:48:39 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg3n.sys
[2009-10-02 21:48:37 | 00,083,096 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\SSSensor.dll
[2009-09-24 18:36:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\Replay Converter 3
[2009-09-23 14:17:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2009-09-23 13:16:32 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009-09-23 13:16:29 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009-09-21 13:48:38 | 00,208,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2009-09-21 13:48:37 | 00,268,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009-09-21 13:48:37 | 00,027,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009-09-17 16:31:56 | 00,032,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2009-09-17 16:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009-09-15 09:39:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\B&K&B\Pulpit\egzamin rachunkowosc
[2009-09-11 20:51:57 | 00,000,000 | ---D | C] -- C:\Microgaming

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009-10-08 12:03:31 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\B&K&B\Pulpit\OTL.exe
[2009-10-08 11:46:43 | 00,034,816 | ---- | M] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-08 11:46:13 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009-10-08 11:45:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-08 11:45:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-10-08 11:44:56 | 00,044,964 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-10-08 11:44:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-08 03:09:06 | 00,000,346 | ---- | M] () -- C:\WINDOWS\tasks\Dr.Web Update.job
[2009-10-06 15:33:18 | 00,000,288 | ---- | M] () -- C:\WINDOWS\tasks\Dr.Web Daily scan.job
[2009-10-06 15:33:11 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skaner Dr.Web.lnk
[2009-10-02 22:35:51 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2009-10-01 22:52:06 | 05,877,635 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\David Guetta & Akon - Sexy Bitch [2156].mp3
[2009-10-01 15:52:08 | 00,026,366 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\GMC kalkulacje.xlsx
[2009-09-30 19:43:56 | 00,000,379 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\Skrót do FILMY NOWE.lnk
[2009-09-24 18:27:19 | 07,709,670 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\sunrise.flv
[2009-09-23 13:51:40 | 00,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2009-09-23 13:28:23 | 00,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk
[2009-09-23 13:21:16 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-23 13:16:34 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-09-23 13:16:34 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-21 14:47:30 | 00,105,080 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2009-09-18 12:58:01 | 00,000,350 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\Skrót do FILMY.lnk
[2009-09-18 11:44:05 | 00,027,488 | ---- | M] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-18 11:43:30 | 00,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-09-17 12:45:11 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\ParadisePoker.lnk
[2009-09-11 20:57:00 | 00,000,059 | ---- | M] () -- C:\WINDOWS\pp.enc
[2009-09-11 20:52:31 | 00,000,797 | ---- | M] () -- C:\Documents and Settings\B&K&B\Pulpit\Unibet Poker.lnk
[2009-09-11 00:06:49 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-06 15:33:18 | 00,000,288 | ---- | C] () -- C:\WINDOWS\tasks\Dr.Web Daily scan.job
[2009-10-06 15:33:16 | 00,000,346 | ---- | C] () -- C:\WINDOWS\tasks\Dr.Web Update.job
[2009-10-06 15:33:11 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skaner Dr.Web.lnk
[2009-10-02 22:35:51 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2009-10-01 22:51:05 | 05,877,635 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\David Guetta & Akon - Sexy Bitch [2156].mp3
[2009-09-30 19:43:57 | 00,000,379 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\Skrót do FILMY NOWE.lnk
[2009-09-24 18:38:27 | 00,003,046 | ---- | C] () -- C:\Documents and Settings\B&K&B\Dane aplikacji\ReplayConverterLog.log
[2009-09-24 18:24:52 | 07,709,670 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\sunrise.flv
[2009-09-23 13:51:40 | 00,000,566 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2009-09-23 13:28:23 | 00,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk
[2009-09-23 13:21:15 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-23 13:16:34 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-09-23 13:16:34 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-18 12:58:03 | 00,000,350 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\Skrót do FILMY.lnk
[2009-09-17 16:36:20 | 00,026,366 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\GMC kalkulacje.xlsx
[2009-09-17 12:45:11 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\ParadisePoker.lnk
[2009-09-11 20:57:00 | 00,000,059 | ---- | C] () -- C:\WINDOWS\pp.enc
[2009-09-11 20:52:31 | 00,000,797 | ---- | C] () -- C:\Documents and Settings\B&K&B\Pulpit\Unibet Poker.lnk
[2009-08-08 13:18:32 | 00,004,985 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ojvzdisj.xda
[2009-07-19 23:34:34 | 08,676,883 | ---- | C] () -- C:\WINDOWS\System32\mp3Media2.dll
[2009-07-12 19:05:04 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009-07-09 17:22:39 | 02,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll
[2009-07-09 17:22:39 | 00,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll
[2009-07-09 17:22:39 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll
[2009-07-09 17:22:38 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll
[2009-07-09 17:22:38 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll
[2009-07-09 17:22:31 | 00,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2009-07-06 21:27:29 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-03 00:28:21 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2009-07-03 00:27:04 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009-07-03 00:27:03 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009-07-03 00:26:59 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009-07-03 00:26:52 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009-07-03 00:26:46 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2009-07-03 00:26:37 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009-07-03 00:26:32 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009-07-03 00:26:25 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009-07-03 00:26:20 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009-07-03 00:25:28 | 01,416,015 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2009-07-03 00:25:16 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009-07-03 00:25:12 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009-07-03 00:25:10 | 04,471,092 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009-07-03 00:24:26 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009-07-03 00:24:24 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009-07-03 00:24:22 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009-07-03 00:24:20 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009-07-03 00:24:18 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009-07-03 00:24:12 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009-07-03 00:24:09 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009-07-03 00:24:04 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-07-03 00:23:34 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009-07-03 00:23:26 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009-07-03 00:23:16 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009-07-03 00:23:15 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-07-03 00:22:57 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009-07-02 22:41:25 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-02 22:41:25 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-30 23:04:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-06-30 21:44:47 | 00,027,488 | ---- | C] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-06-30 21:43:14 | 05,863,146 | -H-- | C] () -- C:\Documents and Settings\B&K&B\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-06-30 21:35:30 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-06-30 21:35:24 | 00,032,879 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-06-30 21:35:24 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009-06-30 21:20:55 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\B&K&B\Dane aplikacji\desktop.ini
[2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004-10-15 18:31:56 | 00,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll
[2004-10-06 13:31:38 | 00,000,522 | ---- | C] () -- C:\WINDOWS\win.ini
[2004-10-06 13:31:28 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-06 15:33:07 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-06-30 21:44:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2009-09-17 12:45:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boss Media
[2009-10-06 15:33:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Doctor Web
[2009-07-09 17:45:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-10-02 22:35:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-08-04 10:21:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2009-06-30 22:01:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2009-07-09 18:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-10-02 22:35:54 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji
[2009-06-30 21:44:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\ATI
[2009-07-31 13:29:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\DMIDMSA
[2009-10-05 12:02:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\ipla
[2009-10-05 18:22:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\Microgaming
[2009-07-09 18:55:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\Nokia
[2009-07-30 17:39:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\Nowe Gadu-Gadu
[2009-07-01 11:12:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\OpenFM
[2009-07-09 18:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\PC Suite
[2009-08-31 12:38:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\teamspeak2
[2009-10-08 03:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\B&K&B\Dane aplikacji\uTorrent
[2009-06-30 23:04:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-06-30 21:19:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-06-30 21:18:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-06-30 23:04:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\postgres\Dane aplikacji
[2004-10-06 13:30:34 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-06 15:33:18 | 00,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\Dr.Web Daily scan.job
[2009-10-08 03:09:06 | 00,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\Dr.Web Update.job
[2009-10-08 11:45:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009-10-08 11:46:13 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Psycholandia

Paste the script below into the OTL window and click Run Fix:
[code]
:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2006-11-13 11:47:38 | 00,000,000 | R--D | M] - H:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2006-08-02 10:58:15 | 00,000,057 | R--- | M] () - H:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{33643780-a834-11de-a56c-00248cbcd36c}\Shell - "" = AutoRun
O33 - MountPoints2\{33643780-a834-11de-a56c-00248cbcd36c}\Shell\AutoRun\command - "" = H:\UbiAutorun.exe -- [2004-11-05 18:32:48 | 00,200,704 | R--- | M] (UBISOFT)

:Files
C:\WINDOWS\tasks\WGASetup.job

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Open Notepad and paste the following text into it: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Save as -> choose [b]All files[/b] -> enter [b]Fix.reg[/b] -> then click the saved file and restart the computer.

Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware).

drapichrust

[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2924
Windows 5.1.2600 Dodatek Service Pack 2

2009-10-08 13:35:38
mbam-log-2009-10-08 (13-35-38).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|G:\|)
Przeskanowane obiekty: 156840
Upłynęło: 15 minute(s), 9 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 1
Zainfekowane foldery: 0
Zainfekowane pliki: 1

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
C:\WINDOWS\system32\videocore.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
[/log]

There are still problems with the browser; I couldn't even post this message and had to do it from my laptop.
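
Added example (not part of any post in this thread, and not a feature of OTL or Malwarebytes): Python that cross-references the two logs above and lists files with no company name that OTL shows as created within 60 seconds of a file Malwarebytes flagged. The 60-second window and the function names are assumptions; a match is a reason to inspect a file, not a verdict on it.

```python
import re
from datetime import datetime, timedelta

# OTL file entry: [timestamp | size | attributes | C(reated)/M(odified)] (company) -- path
OTL_LINE = re.compile(
    r"^\[(?P<ts>[\d-]{10} [\d:]{8}) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| "
    r"(?P<kind>[CM])\] \((?P<company>[^)]*)\) -- (?P<path>.+)$")
# Malwarebytes file detection: <drive path> (<detection name>) -> <action>
MBAM_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[\w.]+)\) -> ")

# Lines copied from the two logs in this thread.
OTL_SAMPLE = r"""
[2009-09-23 13:16:32 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009-07-09 17:22:39 | 02,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll
[2009-07-09 17:22:39 | 00,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll
[2009-07-09 17:22:39 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll
[2009-07-09 17:22:38 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll
[2009-07-09 17:22:31 | 00,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2009-07-03 00:26:59 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
"""
MBAM_SAMPLE = r"""
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\videocore.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
"""

def parse_otl(text):
    """Parse OTL file entries; directory lines carry no (company) field and are skipped."""
    entries = []
    for line in text.splitlines():
        m = OTL_LINE.match(line.strip())
        if m:
            e = m.groupdict()
            e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%d %H:%M:%S")
            e["size"] = int(e["size"].replace(",", ""))
            entries.append(e)
    return entries

def parse_mbam(text):
    """Map lower-cased file path to detection name; registry lines do not match."""
    found = (MBAM_LINE.match(l.strip()) for l in text.splitlines())
    return {m["path"].lower(): m["name"] for m in found if m}

def review_candidates(otl_text, mbam_text, window=timedelta(seconds=60)):
    """Files with no company name created within `window` of a detected file."""
    created = [e for e in parse_otl(otl_text) if e["kind"] == "C"]
    detected = parse_mbam(mbam_text)
    hits = [e for e in created if e["path"].lower() in detected]
    return sorted({e["path"] for h in hits for e in created
                   if e is not h and not e["company"]
                   and abs(e["ts"] - h["ts"]) <= window})

if __name__ == "__main__":
    print("\n".join(review_candidates(OTL_SAMPLE, MBAM_SAMPLE)))
```

Paths are compared case-insensitively because OTL writes `System32` while Malwarebytes writes `system32` for the same file.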

MarekM25

Do this: http://www.forumpc.pl/index.php?showtopic=99152

drapichrust

I checked and everything is OK.
Does anyone have any other constructive ideas? I'm starting to seriously consider a format.
