monik123 utworzono 6 lutego 2010 utworzono 6 lutego 2010 (edytowane) Witam. Niestety od pewnego czasu nie mogę wchodzić na strony, na które trzeba się zalogować (Gmail, Facebook czy też nawet grafik pracowniczy, który jest niezbędny). Wyskakuje mi morderczy błąd "Błąd 102 (net::ERR_CONNECTION_REFUSED)". Usunięto wszystkie pliki cookie, jednak to nic nie dało. Próbowałam przeskanować system Avastem, jednak po kilku minutach skanowania komputer mi się całkowicie wyłączył i przez jakieś kilka godzin nie mogłam go ponownie uruchomić, bo znów padał, gdy tylko miałam się zalogować na konto. Problem dość uciążliwy, ponieważ nawet nie mogę sprawdzić e-mail z potrzebnymi rzeczami! Jakaś rada na zwalczenie prawdopodobnego robala, bo co to może być innego niż wirus?
asmodeuszz komentarz 6 lutego 2010 komentarz 6 lutego 2010 Wrzuć logi OTL i przenoszę do działu Bezpieczeństwo.
monik123 komentarz 6 lutego 2010 Autor komentarz 6 lutego 2010 (edytowane) Wrzucam cały, jaki mi wyskoczył: [log]OTL logfile created on: 2010-02-06 16:51:53 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Monika\Documents\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 013,00 Mb Total Physical Memory | 184,00 Mb Available Physical Memory | 18,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 32,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51,14 Gb Total Space | 5,66 Gb Free Space | 11,07% Space Free | Partition Type: NTFS Drive D: | 50,89 Gb Total Space | 37,16 Gb Free Space | 73,02% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MONIKA-PC Current User Name: Monika Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-02-06 16:50:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Documents\Downloads\OTL.exe PRC - [2010-01-21 08:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2009-11-03 18:18:33 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Monika\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe PRC - [2009-08-07 03:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2009-08-03 21:25:50 | 000,249,856 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe PRC - [2009-06-15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-05-24 16:32:49 | 000,133,104 | ---- | M] (Google Inc.) -- C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe PRC - [2009-03-03 02:59:26 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2008-10-29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-09-10 16:40:06 | 000,289,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2008-09-10 16:39:48 | 000,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2008-09-10 15:50:26 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-08-29 09:18:44 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008-05-16 00:19:31 | 000,079,224 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2008-05-16 00:19:24 | 000,144,760 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2008-05-16 00:19:00 | 000,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-05-16 00:16:59 | 000,349,560 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2008-05-16 00:06:57 | 000,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-01-29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe PRC - [2008-01-09 17:31:55 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2008-01-02 17:07:04 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe PRC - [2008-01-02 17:07:02 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe PRC - [2008-01-02 17:06:58 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe PRC - [2008-01-02 17:06:52 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe PRC - [2007-11-16 19:56:44 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe PRC - [2007-11-16 19:56:42 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe PRC - [2007-11-13 16:01:37 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Monika\AppData\Local\Temp\RtkBtMnt.exe PRC - [2007-09-12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2007-08-16 13:14:43 | 002,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2007-07-24 11:21:26 | 000,450,560 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007-07-06 04:06:00 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007-06-27 10:15:34 | 000,752,136 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2007-06-13 11:23:54 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe PRC - [2007-06-06 09:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe PRC - [2007-06-06 09:06:44 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe PRC - [2007-05-24 13:38:22 | 000,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe PRC - [2007-05-22 14:00:04 | 000,753,664 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe PRC - [2007-05-22 14:00:02 | 000,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe PRC - [2007-05-22 07:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe PRC - [2007-05-10 13:05:36 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe PRC - [2007-04-25 15:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe PRC - [2007-04-25 15:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe PRC - [2007-03-21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-03-21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007-03-14 09:52:30 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2007-02-13 06:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe PRC - [2007-02-09 06:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2007-01-30 06:23:52 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe PRC - [2007-01-23 14:48:12 | 000,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-11-24 11:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe PRC - [2006-11-21 05:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2006-11-21 05:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe PRC - [2006-11-02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2006-11-02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2006-11-02 13:35:32 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2006-11-02 13:35:32 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2006-11-02 13:34:48 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2006-11-02 13:34:46 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2006-11-02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2006-11-02 10:45:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2006-11-02 10:45:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe PRC - [2006-11-02 10:45:48 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2006-11-02 10:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2006-11-02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2006-11-02 10:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2006-11-02 10:45:21 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2006-11-02 10:45:04 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2006-11-02 10:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2006-11-02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-02-06 16:50:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Documents\Downloads\OTL.exe MOD - [2007-05-22 14:00:04 | 000,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll MOD - [2006-11-02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2008-09-10 16:39:48 | 000,536,872 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2008-09-10 15:50:26 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008-08-29 09:18:44 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008-05-16 00:19:24 | 000,144,760 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2008-05-16 00:19:00 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2008-05-16 00:16:59 | 000,349,560 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2008-05-16 00:06:57 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2008-03-21 16:16:37 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC) SRV - [2008-01-29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service) SRV - [2007-11-16 19:56:44 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service) SRV - [2007-09-12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2007-09-12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2007-08-16 13:04:35 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-06-13 11:23:54 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2007-05-22 14:00:02 | 000,135,168 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service) SRV - [2007-05-10 13:05:36 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService) SRV - [2007-04-25 15:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service) SRV - [2007-03-21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007-03-14 09:52:30 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007-02-13 06:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2007-01-30 06:23:52 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2007-01-23 14:48:12 | 000,266,343 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS) SRV - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006-11-24 11:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2006-11-21 05:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex) SRV - [2006-11-21 05:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService) SRV - [2006-11-21 05:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2006-11-21 05:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2006-11-21 05:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore) SRV - [2006-11-21 05:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost) SRV - [2006-11-21 05:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc) SRV - [2006-11-02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006-10-26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006-10-26 12:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-09-10 15:45:18 | 000,032,000 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2008-06-12 12:44:44 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2008-05-16 00:20:32 | 000,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2008-05-16 00:18:00 | 000,050,768 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2008-05-16 00:16:06 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008-05-16 00:15:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2008-05-16 00:14:11 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2008-04-17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2008-02-13 17:18:22 | 000,261,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080214.003\IDSvix86.sys -- (IDSvix86) DRV - [2008-01-21 10:00:00 | 000,895,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVEX15.SYS -- (NAVEX15) DRV - [2008-01-21 10:00:00 | 000,082,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080214.003\NAVENG.SYS -- (NAVENG) DRV - [2008-01-18 10:00:00 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2008-01-02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2007-11-30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2007-11-30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2007-11-30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2007-11-16 19:56:43 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stppp.sys -- (stppp) DRV - [2007-11-16 19:56:43 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\st330.sys -- (ST330) DRV - [2007-11-16 19:56:43 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS) DRV - [2007-10-30 19:55:44 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2007-10-30 19:55:38 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2007-10-30 19:55:34 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2007-10-30 19:55:28 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS) DRV - [2007-10-30 19:55:20 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2007-10-30 19:55:14 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2007-08-16 13:23:39 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2007-08-02 15:17:26 | 001,749,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2007-07-10 02:59:00 | 001,792,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-06-21 12:16:40 | 000,691,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2007-06-14 03:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007-06-05 09:57:48 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2007-04-29 23:45:18 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Sterownik karty Intel(R) DRV - [2007-04-26 10:19:26 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2007-04-26 10:18:04 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2007-04-26 10:17:54 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2007-04-25 15:34:44 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ) DRV - [2007-04-25 15:34:40 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk) DRV - [2007-04-25 15:34:38 | 000,020,776 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter) DRV - [2007-03-21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-03-21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007-03-07 09:26:50 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2007-02-24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007-01-30 06:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007-01-23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006-12-22 20:05:34 | 000,449,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2006-12-07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2006-11-21 05:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2006-11-02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2006-11-02 14:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr) DRV - [2006-11-02 14:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO) DRV - [2006-11-02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Sterownik karty Intel(R) DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-11-02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006-06-19 07:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data] IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://www.google.com IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data] IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tattoodle.com?tid=0 IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\S-1-5-21-809953430-2815619426-962852944-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-809953430-2815619426-962852944-1000\S-1-5-21-809953430-2815619426-962852944-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 FF - prefs.js..extensions.enabledItems: {47e5a66c-0e35-11dc-8314-0800200c9a66}:3.0.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 20:49:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 20:49:47 | 000,000,000 | ---D | M] [2008-10-10 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2010-02-03 19:51:12 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\jw06jorc.default\extensions [2009-03-24 15:42:04 | 000,000,000 | ---D | M] (Aquatint Redone) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\jw06jorc.default\extensions\{47e5a66c-0e35-11dc-8314-0800200c9a66} [2009-03-24 15:38:37 | 000,002,438 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\FireFox\Profiles\jw06jorc.default\searchplugins\album-cover-artorg.xml [2009-03-24 15:39:43 | 000,001,976 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\Mozilla\FireFox\Profiles\jw06jorc.default\searchplugins\rapidshare-google-arama.xml [2010-01-16 16:19:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-01-07 20:49:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-07 20:49:31 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-07 20:49:31 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-07 20:49:31 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-07 20:49:31 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-07 20:49:31 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST) O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC) O2 - BHO: (no name) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - No CLSID value found. O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation) O3 - HKU\S-1-5-21-809953430-2815619426-962852944-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [Acer Tour] File not found O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation) O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKU\S-1-5-18..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-809953430-2815619426-962852944-1000..\Run: [Acer Tour Reminder] File not found O4 - HKU\S-1-5-21-809953430-2815619426-962852944-1000..\Run: [Google Update] C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKU\S-1-5-21-809953430-2815619426-962852944-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{336bf8f7-6eb5-11dd-99c8-001c265947c2}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe -- File not found O33 - MountPoints2\{336bf8f7-6eb5-11dd-99c8-001c265947c2}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe -- File not found O33 - MountPoints2\{5e217710-806a-11de-bedf-f6a10315b7e8}\Shell - "" = AutoRun O33 - MountPoints2\{5e217710-806a-11de-bedf-f6a10315b7e8}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{631f6f52-a813-11dd-97e8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe -- File not found O33 - MountPoints2\{631f6f52-a813-11dd-97e8-806e6f6e6963}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhx32.exe -- File not found O33 - MountPoints2\{bf3b8f00-3fca-11de-8043-90051525ff69}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2006-11-02 12:18:47 | 000,000,000 | ---D | M] NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-01-22 14:51:10 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010-01-22 14:51:03 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010-01-22 14:51:01 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-01-22 14:51:01 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010-01-22 14:50:59 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010-01-22 14:50:58 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010-01-22 14:50:57 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010-01-22 14:50:57 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010-01-22 14:50:56 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll [2010-01-22 14:50:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-01-22 14:50:55 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010-01-22 14:50:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010-01-22 14:50:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010-01-22 14:50:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010-01-22 14:50:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010-01-22 14:50:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010-01-22 14:50:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010-01-17 12:24:17 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Nowy folder [2010-01-16 16:16:56 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-01-13 16:46:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010-01-13 16:46:14 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-01-13 16:46:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2010-01-13 16:46:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2007-11-13 21:45:49 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [2007-11-13 21:45:49 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll [2007-08-16 20:53:46 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll [2007-08-16 13:33:47 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-02-06 16:57:15 | 002,621,440 | -HS- | M] () -- C:\Users\Monika\NTUSER.DAT [2010-02-06 16:23:04 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-809953430-2815619426-962852944-1000UA.job [2010-02-06 16:00:40 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-02-06 16:00:30 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-02-06 16:00:30 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-02-06 16:00:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-02-06 16:00:03 | 1063,264,256 | -HS- | M] () -- C:\hiberfil.sys [2010-02-05 15:24:08 | 000,002,051 | ---- | M] () -- C:\Users\Monika\Desktop\Google Chrome.lnk [2010-02-03 22:23:51 | 003,337,718 | -H-- | M] () -- C:\Users\Monika\AppData\Local\IconCache.db [2010-02-03 20:44:33 | 000,043,082 | ---- | M] () -- C:\Users\Monika\Untitled 2.png [2010-02-01 18:23:05 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-809953430-2815619426-962852944-1000Core.job [2010-01-29 23:34:29 | 000,035,197 | ---- | M] () -- C:\Users\Monika\Untitled 1.png [2010-01-29 23:34:15 | 000,033,501 | ---- | M] () -- C:\Users\Monika\kawar.png [2010-01-29 23:15:25 | 000,079,439 | ---- | M] () -- C:\Users\Monika\walen.png [2010-01-29 20:46:11 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Monika.job [2010-01-29 17:53:29 | 001,440,054 | ---- | M] () -- C:\Users\Monika\Untitled 2.bmp [2010-01-18 12:12:55 | 000,306,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-02-05 15:24:08 | 000,002,051 | ---- | C] () -- C:\Users\Monika\Desktop\Google Chrome.lnk [2010-01-31 17:53:03 | 000,043,082 | ---- | C] () -- C:\Users\Monika\Untitled 2.png [2010-01-29 23:34:28 | 000,035,197 | ---- | C] () -- C:\Users\Monika\Untitled 1.png [2010-01-29 23:34:13 | 000,033,501 | ---- | C] () -- C:\Users\Monika\kawar.png [2010-01-29 23:15:23 | 000,079,439 | ---- | C] () -- C:\Users\Monika\walen.png [2010-01-29 17:53:28 | 001,440,054 | ---- | C] () -- C:\Users\Monika\Untitled 2.bmp [2008-06-06 18:42:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008-02-03 15:15:04 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2008-01-02 16:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll [2008-01-02 16:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll [2008-01-02 16:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll [2008-01-02 16:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll [2007-12-16 18:24:27 | 000,035,840 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-12-02 14:08:19 | 000,000,680 | ---- | C] () -- C:\Users\Monika\AppData\Local\d3d9caps.dat [2007-11-14 07:39:23 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI [2007-11-14 07:39:08 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007-11-13 21:45:49 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys [2007-11-13 21:45:49 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys [2007-11-13 21:45:49 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini [2007-11-13 21:45:49 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini [2007-08-16 23:57:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007-08-16 20:55:28 | 000,000,115 | ---- | C] () -- C:\Windows\Alaunch.ini [2007-08-16 20:54:03 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2007-08-16 20:54:03 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1280.dll [2007-08-16 20:53:46 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007-08-16 20:53:46 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2007-08-16 13:41:21 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2007-08-16 13:34:48 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007-08-16 13:34:48 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007-08-16 13:33:42 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007-08-16 12:44:17 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007-04-25 15:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007-04-25 15:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007-04-25 15:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007-04-25 15:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007-04-25 15:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007-04-25 15:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2006-12-25 14:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001-12-26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== LOP Check ==========[/color] [2008-12-19 15:52:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Fit3DLive [2007-11-16 21:22:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2008-12-06 18:08:48 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\NME Alerts [2008-11-09 20:20:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2009-02-05 23:26:12 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Red Kawa [2009-06-25 19:03:38 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\uTorrent [2009-04-13 22:49:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Zoner [2010-02-03 22:25:33 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2007-08-16 13:36:53 | 000,003,380 | ---- | M] () -- C:\-20070816.log [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2006-11-02 10:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr [2007-08-16 20:56:29 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-02-06 16:00:03 | 1063,264,256 | -HS- | M] () -- C:\hiberfil.sys [2005-08-16 08:49:12 | 000,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe [2006-11-29 16:35:22 | 000,000,512 | ---- | M] () -- C:\MDR.iss [2010-02-06 16:00:01 | 1377,189,888 | -HS- | M] () -- C:\pagefile.sys [2007-08-16 12:40:14 | 000,000,420 | ---- | M] () -- C:\RHDSetup.log [2007-11-20 11:11:54 | 000,000,159 | ---- | M] () -- C:\Setup.log [2007-11-13 16:00:31 | 001,680,112 | ---- | M] () -- C:\vcredist_x86.log [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:B203B914 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:0A73A758 @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:375A40C3 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:94188BC6 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:798A3728 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:30A9E86A @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:AA9519A6 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:3B3A35EC < End of report > [/log] Wyciągnęło mi również jakieś ikony na pulpit: [attachment=9857:ik.png] Przy okazji mam odmowę dostępu do Muzyki, Obrazów i Wideo w Dokumentach po tym skanowaniu... + wyłączył mi się kilkakrotnie.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.