x-kom hosting

Dziwne zachowanie systemu

Iska
utworzono
utworzono

Po jakimś czasie wiesza mi się system, poza tym firewall dziwnie się zachowuje.
Logi z otl
[log]OTL logfile created on: 2009-10-15 21:32:27 - Run 3
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\RaV\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,66% Memory free
3,85 Gb Paging File | 3,37 Gb Available in Paging File | 87,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,46 Gb Free Space | 16,80% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 6,22 Gb Free Space | 10,38% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RAFA
Current User Name: RaV
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-10-15 21:31:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe
PRC - [2009-09-12 15:59:17 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-05-03 14:21:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-04-29 04:04:44 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
PRC - [2009-02-16 00:10:22 | 00,981,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008-12-18 14:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-12-18 13:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-04-05 01:10:02 | 00,500,224 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\System32\kxmixer.exe
PRC - [2007-05-10 16:36:56 | 02,111,176 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006-01-19 16:54:34 | 00,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009-06-18 17:14:00 | 03,132,844 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2009-05-03 14:21:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009-04-29 04:04:44 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2009-04-28 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006-12-23 17:54:04 | 00,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2009-07-21 16:11:58 | 00,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped])
DRV - [2009-07-21 16:11:58 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped])
DRV - [2009-04-29 05:30:44 | 03,643,904 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009-02-16 00:10:26 | 00,353,672 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [Auto | Running])
DRV - [2008-11-17 02:24:00 | 00,051,688 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
DRV - [2008-09-17 14:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.SYS -- (ENTECH [On_Demand | Stopped])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-04-14 18:03:40 | 00,031,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [System | Stopped])
DRV - [2008-04-13 20:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])
DRV - [2008-04-13 20:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2008-04-13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-04-05 01:10:02 | 00,568,320 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\System32\drivers\kx.sys -- (kxwdmdrv [On_Demand | Running])
DRV - [2007-08-29 21:41:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\l151x86.sys -- (AtcL001 [On_Demand | Running])
DRV - [2007-06-25 11:43:38 | 00,098,344 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117obex.sys -- (s117obex [On_Demand | Stopped])
DRV - [2007-06-25 11:43:36 | 00,108,456 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdm.sys -- (s117mdm [On_Demand | Stopped])
DRV - [2007-06-25 11:43:36 | 00,100,264 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mgmt.sys -- (s117mgmt [On_Demand | Stopped])
DRV - [2007-06-25 11:43:36 | 00,098,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117unic.sys -- (s117unic [On_Demand | Stopped])
DRV - [2007-06-25 11:43:36 | 00,022,952 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117nd5.sys -- (s117nd5 [On_Demand | Stopped])
DRV - [2007-06-25 11:43:26 | 00,014,888 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdfl.sys -- (s117mdfl [On_Demand | Stopped])
DRV - [2007-06-25 11:43:22 | 00,082,984 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117bus.sys -- (s117bus [On_Demand | Stopped])
DRV - [2006-01-18 14:09:40 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50 [On_Demand | Running])
DRV - [2005-12-22 14:45:18 | 00,402,432 | ---- | M] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys -- (SG762_XP [On_Demand | Running])
DRV - [2004-12-13 23:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2004-08-04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2001-08-17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running])
DRV - [2001-08-17 21:53:42 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\loop.sys -- (msloop [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://annihilation.pl/
IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\S-1-5-21-299502267-1547161642-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.1A
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:4.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-05-03 14:21:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-09 08:20:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 15:59:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-12 15:59:24 | 00,000,000 | ---D | M]

[2009-05-01 18:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Extensions
[2009-05-01 18:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-15 20:27:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions
[2009-08-10 08:57:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-04 21:42:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009-10-12 18:18:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009-10-12 18:18:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2009-10-11 22:53:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\amin.eft_Shutdown@gmail.com
[2009-10-15 20:27:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-12 15:59:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-05-03 14:21:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-09-12 15:59:15 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-12 15:59:15 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009-05-03 14:21:03 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-12 15:59:19 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2004-12-14 02:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009-08-08 20:30:05 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-08-08 20:30:05 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-08 20:30:05 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-08-08 20:30:05 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-08-08 20:30:05 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-08-08 20:30:05 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-08-08 20:30:05 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe (Eugene Gavrilov)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-299502267-1547161642-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-01 17:30:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-11 12:42:02 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM
[2009-10-11 12:42:48 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM WiFi manager
[2009-10-15 21:31:47 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe
[2009-10-14 21:49:04 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009-10-14 21:49:03 | 02,067,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009-10-14 21:49:03 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009-10-11 12:42:49 | 00,031,744 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50a64.sys
[2009-10-11 12:42:49 | 00,029,184 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50a64.sys
[2009-10-11 12:42:49 | 00,020,608 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50.sys
[2009-10-11 12:42:49 | 00,017,664 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50.sys
[2009-10-11 12:40:45 | 00,493,440 | ---- | C] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\drivers\WlanBZ64.SYS
[2009-10-11 12:40:45 | 00,402,432 | ---- | C] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\drivers\WlanBZXP.sys
[2009-10-11 12:39:51 | 00,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N50.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009-10-15 21:31:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe
[2009-10-15 21:27:15 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-10-15 21:26:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-15 21:26:31 | 00,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-10-15 21:26:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-15 21:25:20 | 04,279,050 | -H-- | M] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-10-15 21:21:26 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2009-10-14 22:17:21 | 01,042,454 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-10-14 22:17:21 | 00,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-10-14 22:17:21 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-10-14 22:17:21 | 00,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-10-14 22:17:21 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-10-14 22:15:19 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-10-14 21:49:04 | 00,145,408 | ---- | M] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-11 12:42:44 | 00,001,465 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk
[2009-10-02 20:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
[2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll
[2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll
[2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2009-09-25 07:20:34 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009-09-20 12:22:28 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-19 12:35:47 | 00,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009-09-16 15:33:08 | 00,025,978 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat
[2009-09-16 14:52:59 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-09-16 14:52:59 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-09-16 14:52:59 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-11 12:42:44 | 00,001,465 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk
[2009-10-11 12:39:51 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
[2009-08-05 16:28:35 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-31 22:58:12 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-31 22:58:05 | 00,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2009-07-28 19:38:29 | 00,018,216 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-07-28 12:55:10 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009-07-15 10:16:52 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\RaV\Dane aplikacji\Smiley.ico
[2009-06-07 08:58:24 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-05-27 08:42:52 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-05-18 20:11:07 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\mswocx.dll
[2009-05-15 15:02:47 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009-05-15 15:02:47 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009-05-15 15:02:47 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-05-09 13:41:39 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2009-05-09 13:40:28 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009-05-09 13:40:27 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009-05-09 13:40:25 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009-05-09 13:40:24 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009-05-09 13:40:22 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2009-05-09 13:40:21 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009-05-09 13:40:20 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009-05-09 13:40:18 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009-05-09 13:40:18 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009-05-09 13:39:48 | 01,416,015 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2009-05-09 13:39:37 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009-05-09 13:39:32 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009-05-09 13:39:30 | 04,471,092 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009-05-09 13:38:55 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009-05-09 13:38:55 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009-05-09 13:38:53 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009-05-09 13:38:52 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009-05-09 13:38:50 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009-05-09 13:38:46 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009-05-09 13:38:44 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009-05-09 13:38:41 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-05-09 13:38:22 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009-05-09 13:38:20 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009-05-09 13:38:13 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009-05-09 13:38:11 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-05-09 13:37:56 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009-05-09 13:32:48 | 00,145,408 | ---- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-01 19:21:13 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-05-01 17:43:34 | 04,279,050 | -H-- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-01 17:37:02 | 00,018,460 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009-05-01 17:36:26 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-05-01 17:36:20 | 00,014,280 | ---- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-01 17:36:10 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009-05-01 17:34:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\RaV\Dane aplikacji\desktop.ini
[2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2004-08-04 12:00:00 | 00,000,777 | ---- | C] () -- C:\WINDOWS\win.ini
[2004-08-04 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-11 11:51:12 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2009-06-07 10:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2009-05-26 10:46:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard
[2009-09-01 19:06:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2009-05-01 18:28:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-09-04 21:21:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2009-08-21 19:17:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-09-13 15:41:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2009-05-01 19:21:13 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2009-05-01 17:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-05-01 17:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2009-09-06 19:35:14 | 00,000,000 | R--D | M] -- C:\Documents and Settings\RaV\Dane aplikacji
[2009-05-27 08:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Ahead
[2009-06-07 10:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\ATI
[2009-05-19 17:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Edytor Mapek Margonem
[2009-05-17 16:00:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Gadu-Gadu
[2009-09-19 17:15:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\gtk-2.0
[2009-05-04 09:10:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\MargonemMapki
[2009-05-02 12:21:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-19 16:04:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\SecondLife
[2009-09-06 19:35:14 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\SecuROM
[2009-06-29 09:07:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Tibia
[2009-06-18 09:03:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\TibiaTestserver
[2009-06-24 21:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Ventrilo
[2004-08-04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-10-15 21:26:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 303 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13
< End of report >
[/log]

Psycholandia
komentarz
komentarz

Log jest czysty, uruchom ponownie OTL i kliknij na CleanUP.
Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
Firewalla przeinstaluj i wykonaj optymalizację: http://www.forumpc.pl/index.php?showtopic=17478

Iska
komentarz
komentarz

malware
[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2968
Windows 5.1.2600 Dodatek Service Pack 3

2009-10-15 22:45:58
mbam-log-2009-10-15 (22-45-58).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 202875
Upłynęło: 1 hour(s), 0 minute(s), 26 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 2

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
D:\Benchmarki\super_pi_mod-1.5\super_pi_mod.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
D:\Starcraft\scbw0_112.exe (Backdoor.Hupigon) -> Quarantined and deleted successfully.
[/log]

Psycholandia
komentarz
komentarz

Czy zachowanie komputera uległo poprawie?

Iska
komentarz
komentarz

Nie zawiesza się już system ale zone alarm nadal szwankuje

MarekM25
komentarz
komentarz

Dokładniej co się dzieje z FireWallem?

Iska
komentarz
komentarz

Po próbie odpalenia go z tray'a wyświetla się puste okno.

Psycholandia
komentarz
komentarz

Próbowałeś przeinstalować?
Może usuń, przeczyść komputer i rejestr Ccleanerem i spróbuj zainstalować.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.