Iska, posted 15 October 2009

After some time my system hangs; besides that, the firewall behaves strangely. Logs from OTL:

[log]OTL logfile created on: 2009-10-15 21:32:27 - Run 3
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\RaV\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,66% Memory free
3,85 Gb Paging File | 3,37 Gb Available in Paging File | 87,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,46 Gb Free Space | 16,80% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 6,22 Gb Free Space | 10,38% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RAFA
Current User Name: RaV
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-15 21:31:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe PRC - [2009-09-12 15:59:17 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-08-17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-05-03 14:21:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-04-29 04:04:44 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe PRC - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe PRC - [2009-02-16 00:10:22 | 00,981,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2008-12-18 14:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2008-12-18 13:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) 
-- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008-04-05 01:10:02 | 00,500,224 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\System32\kxmixer.exe PRC - [2007-05-10 16:36:56 | 02,111,176 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-01-19 16:54:34 | 00,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-08-17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2009-08-17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2009-08-17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2009-08-17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2009-06-18 17:14:00 | 03,132,844 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des -- (npggsvc [On_Demand | Stopped]) SRV - [2009-05-03 14:21:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2009-04-29 04:04:44 | 00,602,112 | ---- | M] (ATI Technologies Inc.) 
-- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-04-28 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running]) SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2006-12-23 17:54:04 | 00,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped]) SRV - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 
-- (IDriverT [On_Demand | Stopped]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-08-17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2009-08-17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2009-08-17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2009-08-17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2009-08-17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2009-08-17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2009-07-21 16:11:58 | 00,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped]) DRV - [2009-07-21 16:11:58 | 00,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped]) DRV - [2009-04-29 05:30:44 | 03,643,904 | ---- | M] (ATI Technologies Inc.) 
-- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2009-02-16 00:10:26 | 00,353,672 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [Auto | Running]) DRV - [2008-11-17 02:24:00 | 00,051,688 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running]) DRV - [2008-09-17 14:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.SYS -- (ENTECH [On_Demand | Stopped]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-04-14 18:03:40 | 00,031,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [System | Stopped]) DRV - [2008-04-13 20:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped]) DRV - [2008-04-13 20:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running]) DRV - [2008-04-13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running]) DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2008-04-05 01:10:02 | 00,568,320 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\System32\drivers\kx.sys -- (kxwdmdrv [On_Demand | Running]) DRV - [2007-08-29 21:41:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) 
-- C:\WINDOWS\System32\DRIVERS\l151x86.sys -- (AtcL001 [On_Demand | Running]) DRV - [2007-06-25 11:43:38 | 00,098,344 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117obex.sys -- (s117obex [On_Demand | Stopped]) DRV - [2007-06-25 11:43:36 | 00,108,456 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdm.sys -- (s117mdm [On_Demand | Stopped]) DRV - [2007-06-25 11:43:36 | 00,100,264 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mgmt.sys -- (s117mgmt [On_Demand | Stopped]) DRV - [2007-06-25 11:43:36 | 00,098,856 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117unic.sys -- (s117unic [On_Demand | Stopped]) DRV - [2007-06-25 11:43:36 | 00,022,952 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117nd5.sys -- (s117nd5 [On_Demand | Stopped]) DRV - [2007-06-25 11:43:26 | 00,014,888 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117mdfl.sys -- (s117mdfl [On_Demand | Stopped]) DRV - [2007-06-25 11:43:22 | 00,082,984 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s117bus.sys -- (s117bus [On_Demand | Stopped]) DRV - [2006-01-18 14:09:40 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50 [On_Demand | Running]) DRV - [2005-12-22 14:45:18 | 00,402,432 | ---- | M] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys -- (SG762_XP [On_Demand | Running]) DRV - [2004-12-13 23:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped]) DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2004-08-04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2001-08-17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) 
-- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running]) DRV - [2001-08-17 21:53:42 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\loop.sys -- (msloop [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://annihilation.pl/ IE - HKU\S-1-5-21-299502267-1547161642-839522115-1003\S-1-5-21-299502267-1547161642-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.1A FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:4.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-05-03 14:21:04 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-09 08:20:02 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 15:59:24 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program 
Files\Mozilla Firefox\plugins [2009-09-12 15:59:24 | 00,000,000 | ---D | M] [2009-05-01 18:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Extensions [2009-05-01 18:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-10-15 20:27:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions [2009-08-10 08:57:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-08-04 21:42:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2009-10-12 18:18:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009-10-12 18:18:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2009-10-11 22:53:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\mozilla\Firefox\Profiles\q5qskjo3.default\extensions\amin.eft_Shutdown@gmail.com [2009-10-15 20:27:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-12 15:59:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-05-03 14:21:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-09-12 15:59:15 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-12 15:59:15 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla 
firefox\components\brwsrcmp.dll [2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2009-05-03 14:21:03 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-09-12 15:59:19 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2004-12-14 02:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-08-08 20:30:05 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-08-08 20:30:05 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-08 20:30:05 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-08-08 20:30:05 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-08-08 20:30:05 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-08-08 20:30:05 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-08-08 20:30:05 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe (Eugene Gavrilov) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-21-299502267-1547161642-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.exe ( ) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - 
HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-299502267-1547161642-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.) 
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-05-01 17:30:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-11 12:42:02 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM [2009-10-11 12:42:48 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM WiFi manager [2009-10-15 21:31:47 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe [2009-10-14 21:49:04 | 02,146,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2009-10-14 21:49:03 | 02,067,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2009-10-14 21:49:03 | 02,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2009-10-11 12:42:49 | 00,031,744 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50a64.sys [2009-10-11 12:42:49 | 00,029,184 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50a64.sys [2009-10-11 12:42:49 | 00,020,608 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50.sys [2009-10-11 12:42:49 | 00,017,664 | ---- | C] (Printing Communications Assoc., Inc. 
(PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50.sys [2009-10-11 12:40:45 | 00,493,440 | ---- | C] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\drivers\WlanBZ64.SYS [2009-10-11 12:40:45 | 00,402,432 | ---- | C] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\drivers\WlanBZXP.sys [2009-10-11 12:39:51 | 00,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N50.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [7 C:\WINDOWS\*.tmp files] [2009-10-15 21:31:50 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RaV\Pulpit\OTL.exe [2009-10-15 21:27:15 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-10-15 21:26:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-15 21:26:31 | 00,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2009-10-15 21:26:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-15 21:25:20 | 04,279,050 | -H-- | M] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-15 21:21:26 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2009-10-14 22:17:21 | 01,042,454 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-10-14 22:17:21 | 00,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-10-14 22:17:21 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-10-14 22:17:21 | 00,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-10-14 22:17:21 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-10-14 22:15:19 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-14 21:49:04 | 00,145,408 | ---- | M] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-11 12:42:44 | 00,001,465 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program 
sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk [2009-10-02 20:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll [2009-09-25 07:37:34 | 00,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll [2009-09-25 07:37:33 | 01,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll [2009-09-25 07:37:33 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll [2009-09-25 07:37:32 | 03,091,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2009-09-25 07:37:30 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2009-09-25 07:20:34 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2009-09-20 12:22:28 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-09-19 12:35:47 | 00,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2009-09-16 15:33:08 | 00,025,978 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat [2009-09-16 14:52:59 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll [2009-09-16 14:52:59 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll [2009-09-16 14:52:59 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-11 12:42:44 | 00,001,465 | ---- | C] () -- C:\Documents and Settings\All Users\Menu 
Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk [2009-10-11 12:39:51 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll [2009-08-05 16:28:35 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-07-31 22:58:12 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-07-31 22:58:05 | 00,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll [2009-07-28 19:38:29 | 00,018,216 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-07-28 12:55:10 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2009-07-15 10:16:52 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\RaV\Dane aplikacji\Smiley.ico [2009-06-07 08:58:24 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2009-05-27 08:42:52 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-05-18 20:11:07 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\mswocx.dll [2009-05-15 15:02:47 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009-05-15 15:02:47 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009-05-15 15:02:47 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2009-05-09 13:41:39 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2009-05-09 13:40:28 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2009-05-09 13:40:27 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll [2009-05-09 13:40:25 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2009-05-09 13:40:24 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2009-05-09 13:40:22 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2009-05-09 13:40:21 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2009-05-09 13:40:20 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2009-05-09 13:40:18 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2009-05-09 13:40:18 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll 
[2009-05-09 13:39:48 | 01,416,015 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2009-05-09 13:39:37 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2009-05-09 13:39:32 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2009-05-09 13:39:30 | 04,471,092 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2009-05-09 13:38:55 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2009-05-09 13:38:55 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2009-05-09 13:38:53 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2009-05-09 13:38:52 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2009-05-09 13:38:50 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2009-05-09 13:38:46 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2009-05-09 13:38:44 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2009-05-09 13:38:41 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009-05-09 13:38:22 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2009-05-09 13:38:20 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2009-05-09 13:38:13 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2009-05-09 13:38:11 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-05-09 13:37:56 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-05-09 13:32:48 | 00,145,408 | ---- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-05-01 19:21:13 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-05-01 17:43:34 | 04,279,050 | -H-- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-05-01 17:37:02 | 00,018,460 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2009-05-01 17:36:26 | 00,005,810 | R--- | C] () -- 
C:\WINDOWS\System32\drivers\ASACPI.sys [2009-05-01 17:36:20 | 00,014,280 | ---- | C] () -- C:\Documents and Settings\RaV\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-05-01 17:36:10 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-05-01 17:34:45 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\RaV\Dane aplikacji\desktop.ini [2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2004-08-04 12:00:00 | 00,000,777 | ---- | C] () -- C:\WINDOWS\win.ini [2004-08-04 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-11 11:51:12 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-06-07 10:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2009-05-26 10:46:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard [2009-09-01 19:06:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2009-05-01 18:28:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2009-09-04 21:21:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground [2009-08-21 19:17:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-09-13 15:41:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-05-01 19:21:13 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-05-01 17:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-05-01 17:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2009-09-06 19:35:14 | 00,000,000 | R--D | M] -- C:\Documents and Settings\RaV\Dane aplikacji [2009-05-27 08:45:23 | 00,000,000 | ---D | M] -- 
C:\Documents and Settings\RaV\Dane aplikacji\Ahead [2009-06-07 10:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\ATI [2009-05-19 17:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Edytor Mapek Margonem [2009-05-17 16:00:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Gadu-Gadu [2009-09-19 17:15:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\gtk-2.0 [2009-05-04 09:10:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\MargonemMapki [2009-05-02 12:21:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Nowe Gadu-Gadu [2009-08-19 16:04:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\SecondLife [2009-09-06 19:35:14 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\SecuROM [2009-06-29 09:07:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Tibia [2009-06-18 09:03:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\TibiaTestserver [2009-06-24 21:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RaV\Dane aplikacji\Ventrilo [2004-08-04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-15 21:26:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 303 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B @Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13 < End of report > [/log]
Psycholandia commented October 15, 2009
The log is clean; run OTL again and click CleanUP. Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the deletion (the log from Malware). Reinstall the firewall and perform the optimization: http://www.forumpc.pl/index.php?showtopic=17478
Iska (Author) commented October 15, 2009
malware
[log]Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2968
Windows 5.1.2600 Dodatek Service Pack 3
2009-10-15 22:45:58
mbam-log-2009-10-15 (22-45-58).txt
Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 202875
Upłynęło: 1 hour(s), 0 minute(s), 26 second(s)
Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 2
Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików)
Zainfekowane moduły pamięci: (Nie wykryto groźnych plików)
Zainfekowane klucze rejestru: (Nie wykryto groźnych plików)
Zainfekowane wartości rejestru: (Nie wykryto groźnych plików)
Zainfekowane pliki rejestru: (Nie wykryto groźnych plików)
Zainfekowane foldery: (Nie wykryto groźnych plików)
Zainfekowane pliki:
D:\Benchmarki\super_pi_mod-1.5\super_pi_mod.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
D:\Starcraft\scbw0_112.exe (Backdoor.Hupigon) -> Quarantined and deleted successfully.
[/log]
Psycholandia commented October 15, 2009
Has the computer's behavior improved?
Iska (Author) commented October 16, 2009
The system no longer freezes, but Zone Alarm is still acting up.
MarekM25 commented October 16, 2009
What exactly is happening with the firewall?
Iska (Author) commented October 16, 2009
When I try to launch it from the tray, an empty window is displayed.
Psycholandia commented October 16, 2009
Have you tried reinstalling it? Maybe uninstall it, clean the computer and the registry with CCleaner, and try installing it again.