artega7 utworzono 20 marca 2010 utworzono 20 marca 2010 Mam problem, chciałem ściągnąć sobie program z Internetu, ale zamiast tego zainstalowało mi się jakieś „złośliwe oprogramowanie”, chodzi mi o to, że pojawiła się ikona na pulpicie, która odsyła mnie do jakiejś zagranicznej strony, ten program schował się pod ikoną internet Explorer. Próbowałem to przesunąć do kosza, włączyłem program antywirusowy, program do usuwania złośliwego oprogramowania, ale nic to nie dało. Proszę o pomoc, może miał ktoś z tym problem, dodam log z OTLa [log]OTL logfile created on: 2010-03-20 11:23:34 - Run 2 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Mateusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 202,00 Mb Available Physical Memory | 20,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 390,63 Gb Total Space | 312,61 Gb Free Space | 80,03% Space Free | Partition Type: NTFS Drive D: | 390,63 Gb Total Space | 364,25 Gb Free Space | 93,25% Space Free | Partition Type: NTFS Drive E: | 390,63 Gb Total Space | 319,51 Gb Free Space | 81,79% Space Free | Partition Type: NTFS Drive F: | 225,38 Gb Total Space | 222,07 Gb Free Space | 98,53% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ARTEGA7 Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe PRC - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe PRC - [2010-03-17 12:26:08 | 000,819,416 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010-01-26 14:22:32 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010-01-13 23:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Winamp\winampa.exe PRC - [2009-12-17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-10-28 19:40:16 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-08-31 17:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- D:\Nowe Gadu-Gadu\gg.exe PRC - [2009-06-30 06:26:02 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-05-14 02:29:04 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe PRC - [2008-05-08 12:26:26 | 000,438,399 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe PRC - [2008-02-27 10:29:50 | 000,910,088 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2008-02-27 10:24:52 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe PRC - [2008-02-27 10:22:46 | 002,611,368 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2007-09-04 13:52:08 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe PRC - [2006-09-01 14:57:48 | 000,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2006-07-21 09:56:38 | 016,261,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-06-01 10:22:00 | 000,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2006-04-26 07:29:50 | 000,237,568 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006-04-11 16:52:14 | 001,409,024 | ---- | M] (Time Information Services Ltd.) -- D:\Nokia\Nokia PC Suite 6\PcSync2.exe PRC - [2006-03-23 14:23:54 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe PRC - [2003-12-22 07:38:42 | 000,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe PRC - [2003-09-16 04:19:24 | 000,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe PRC - [2003-08-04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe PRC - [2002-07-11 23:22:58 | 000,176,128 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe PRC - [2001-11-14 03:03:12 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2002-06-19 08:39:14 | 000,053,248 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\Nhkdll.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$ACRONIS) SQL Server (ACRONIS) SRV - [2009-01-29 16:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Auto | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia) SRV - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2008-11-24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService) SRV - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2004-01-05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12) SRV - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed) DRV - [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-01-09 19:31:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2010-01-09 19:31:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2010-01-09 19:31:06 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2010-01-09 19:30:59 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-30 11:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-06-18 20:50:12 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-06-17 12:17:30 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-18 02:00:00 | 000,286,592 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Vid.sys -- (V0560Vid) DRV - [2008-05-07 10:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt) DRV - [2008-04-30 08:43:42 | 000,160,768 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Afx.sys -- (V0560Afx) DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-01-15 16:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV - [2006-09-18 07:59:00 | 000,250,240 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006-07-24 09:15:04 | 004,353,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-06-01 10:22:00 | 003,925,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv) DRV - [2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-12-20 08:02:12 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-15 12:25:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-16 10:58:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-10 17:36:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-19 23:05:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-15 12:25:11 | 000,000,000 | ---D | M] [2010-01-09 23:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2010-01-10 10:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions [2010-01-10 10:27:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-17 20:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-02-16 12:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-03-18 18:40:49 | 000,380,712 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 13116 more lines... O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard) O4 - HKLM..\Run: [Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [WinampAgent] d:\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Nowe Gadu-Gadu] d:\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [PcSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.) O4 - HKU\S-1-5-18..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} http://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab (GameDesire Sea Battle) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245189401390 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://85.89.171.5/activex/AxisCamControl.cab (CamImage Class) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/333333/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.35 217.113.224.36 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-06-16 22:06:18 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-03-20 11:05:50 | 000,000,000 | ---D | C] -- C:\ComboFix [2010-03-20 01:18:07 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2010-03-19 23:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-03-19 19:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Malwarebytes [2010-03-19 19:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-19 19:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-03-19 19:50:12 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-19 19:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-03-19 19:20:27 | 000,000,000 | R--D | C] -- C:\assembly [2010-03-19 15:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DivX [2010-03-19 13:28:40 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-03-19 13:27:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-03-19 13:27:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-03-19 13:27:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-03-19 13:27:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-03-19 13:26:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-03-19 13:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-03-19 00:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2010-03-18 22:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Browser [2010-03-18 10:09:26 | 000,974,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys [2010-03-18 10:09:26 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll [2010-03-18 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed [2010-03-18 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy [2010-03-17 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2010-03-17 20:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-03-17 20:30:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\.dsig [2010-03-16 21:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\SYMBIAN [2010-03-15 23:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ovi [2010-03-15 23:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite [2010-03-15 14:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-03-15 14:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-03-15 14:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-03-15 14:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount [2010-03-15 14:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia [2010-03-15 12:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-03-15 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Orb Networks [2010-03-15 12:36:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Moje obrazy [2010-03-15 12:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia [2010-03-15 12:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic [2010-03-15 12:31:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization [2010-03-15 12:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies [2010-03-15 12:25:02 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2010-03-15 12:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-03-15 12:24:27 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys [2010-03-15 12:24:26 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010-03-15 12:24:25 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-03-15 12:24:24 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-03-15 12:24:23 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010-03-15 12:24:23 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-03-15 12:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010-03-15 12:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-03-11 18:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\ARTEGAPL [2010-02-24 22:13:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mateusz\Recent [2010-02-24 21:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-02-20 14:27:39 | 000,105,088 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys [2010-02-20 00:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\stonewall [2010-02-17 12:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-02-16 18:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\CHEMIA SKANY [2010-02-16 13:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ESET [2010-02-16 12:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-16 10:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2010-02-15 20:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2010-02-15 19:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com [2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com [2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010-02-15 19:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2010-01-24 13:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client [2010-01-24 13:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2010-01-21 18:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Allegro Image Resizer [2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis [2009-12-02 12:27:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-06-17 21:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Sun [2009-06-17 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe [2009-06-17 09:00:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-06-16 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-03-20 11:21:42 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini [2010-03-20 11:21:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-20 11:18:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-20 11:03:33 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-03-20 11:02:50 | 003,895,562 | R--- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe [2010-03-20 11:02:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-20 11:01:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-20 11:00:41 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\Mateusz\NTUSER.DAT [2010-03-20 11:00:41 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mateusz\ntuser.ini [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2010-03-20 00:54:07 | 000,554,992 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-03-20 00:54:07 | 000,496,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-03-20 00:54:07 | 000,109,470 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-03-20 00:54:06 | 001,270,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-03-20 00:54:06 | 000,091,912 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-03-19 22:07:31 | 000,109,568 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-19 21:41:55 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-03-19 21:41:46 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-03-19 19:50:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-03-19 13:11:04 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-03-18 23:52:54 | 070,225,670 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\kav9.0.0.736sch.zip [2010-03-18 22:00:36 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk [2010-03-18 18:40:49 | 000,380,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-03-18 10:11:14 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk [2010-03-18 10:03:46 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk [2010-03-17 23:03:44 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk [2010-03-17 22:09:55 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys [2010-03-17 12:26:14 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll [2010-03-17 00:42:23 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc [2010-03-15 23:46:13 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk [2010-03-15 23:43:08 | 000,030,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-03-15 22:36:15 | 003,652,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar [2010-03-15 14:28:21 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk [2010-03-15 14:21:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-03-15 14:21:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-03-15 14:21:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-03-15 14:21:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-03-15 14:17:00 | 000,156,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-15 12:37:20 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk [2010-03-15 12:33:01 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk [2010-03-15 12:30:45 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk [2010-03-15 12:27:22 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk [2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe [2010-03-08 18:42:31 | 000,576,156 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx [2010-03-08 09:26:59 | 000,105,088 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys [2010-03-03 22:33:38 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-03-02 08:38:09 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2010-02-24 22:02:57 | 000,094,230 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg [2010-02-24 21:59:34 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk [2010-02-20 12:20:58 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc [2010-02-20 12:18:32 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg [2010-02-20 01:15:05 | 000,000,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg [2010-02-20 00:18:12 | 000,160,293 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip [2010-02-17 13:08:57 | 000,000,750 | ---- | M] () -- C:\WINDOWS\win.ini [2010-02-17 12:55:44 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk [2010-02-16 23:29:39 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel [2010-02-01 17:31:12 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc [2010-01-31 11:02:30 | 001,822,208 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt [2010-01-30 16:38:00 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc [2010-01-30 10:34:09 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc [2010-01-29 17:19:51 | 116,920,419 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar [2010-01-26 17:19:11 | 009,785,856 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc [2010-01-25 20:40:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-01-25 16:14:45 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc [2010-01-24 13:45:23 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-01-23 11:27:58 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc [2010-01-22 14:11:39 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc [2010-01-21 18:26:06 | 000,018,786 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-01-20 14:29:28 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ochrona Środowiska_Tematy i pytania_2009.doc [2010-01-19 20:07:01 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWOLUCJONIZM pogląd.doc [2010-01-19 11:36:24 | 000,020,333 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\320[1].jpg [2010-01-19 11:35:34 | 000,033,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\416[1].jpg [2010-01-19 11:35:20 | 000,034,356 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\416[1].jpg [2010-01-19 11:34:54 | 000,022,187 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\320[1].jpg [6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-19 19:50:18 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-19 13:28:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-03-19 13:28:41 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-03-19 13:27:19 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-03-19 13:27:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-03-19 13:27:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-03-19 13:27:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-03-19 13:27:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-03-19 13:24:44 | 003,895,562 | R--- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe [2010-03-18 23:52:37 | 070,225,670 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\kav9.0.0.736sch.zip [2010-03-18 22:00:36 | 000,001,389 | ---- | C] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk [2010-03-18 10:11:14 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk [2010-03-18 10:03:46 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk [2010-03-17 23:03:44 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk [2010-03-17 00:42:22 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc [2010-03-15 23:46:13 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk [2010-03-15 22:36:10 | 003,652,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar [2010-03-15 14:21:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-03-15 14:21:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-03-15 14:16:15 | 000,091,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-03-15 12:37:20 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk [2010-03-15 12:36:16 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk [2010-03-15 12:33:01 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk [2010-03-15 12:30:45 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk [2010-03-15 12:27:21 | 000,001,788 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk [2010-03-11 10:10:02 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-03-08 18:42:29 | 000,576,156 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx [2010-02-24 22:02:52 | 000,094,230 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg [2010-02-24 21:59:34 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk [2010-02-20 01:33:40 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc [2010-02-20 01:13:39 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg [2010-02-20 01:09:18 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg [2010-02-20 00:18:06 | 000,160,293 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip [2010-02-17 13:14:10 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-02-17 12:55:44 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk [2010-02-16 23:29:39 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel [2010-02-01 17:16:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc [2010-01-31 11:02:21 | 001,822,208 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt [2010-01-30 16:38:00 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc [2010-01-30 10:34:07 | 000,070,144 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc [2010-01-29 14:37:24 | 116,920,419 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar [2010-01-25 14:37:11 | 009,785,856 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc [2010-01-24 13:43:44 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-01-23 11:27:57 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc [2010-01-22 14:11:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc [2010-01-21 18:56:29 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc [2010-01-21 18:23:31 | 000,018,786 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg [2010-01-20 14:29:27 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ochrona Środowiska_Tematy i pytania_2009.doc [2010-01-19 20:07:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWOLUCJONIZM pogląd.doc [2010-01-19 11:36:33 | 000,020,333 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\320[1].jpg [2010-01-19 11:35:54 | 000,033,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\416[1].jpg [2010-01-19 11:35:26 | 000,034,356 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\416[1].jpg [2010-01-19 11:35:00 | 000,022,187 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\320[1].jpg [2009-10-06 20:10:36 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys [2009-09-02 23:04:20 | 000,018,053 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\NMM-MetaData.db [2009-06-23 09:27:29 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-06-19 07:54:50 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-06-17 21:46:21 | 000,000,010 | ---- | C] () -- C:\Program Files\eula.txt [2009-06-17 19:32:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-06-17 19:30:49 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-17 19:30:47 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-17 19:30:47 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-17 19:30:46 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-17 19:30:45 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-06-17 19:30:45 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-17 19:01:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-06-17 19:01:00 | 000,109,568 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-17 14:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2009-06-17 14:02:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll [2009-06-17 14:02:14 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini [2009-06-17 12:04:10 | 000,027,184 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-06-16 22:23:28 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys [2009-06-16 22:19:45 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-06-01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-06-01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-06-01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-06-01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-06-01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-06-01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-06-01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2005-12-07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2004-01-05 13:04:58 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [color=#E56717]========== LOP Check ==========[/color] [2010-01-08 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis [2010-03-19 01:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-06-18 21:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-06-17 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-02-16 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-15 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-08 17:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-03-15 14:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-03-15 12:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic [2009-11-10 10:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-03-15 14:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-03-15 12:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-03-15 14:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-01-10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Acronis [2009-06-18 22:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-03-15 22:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Datalayer [2010-01-13 16:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2009-06-23 11:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GetRightToGo [2009-08-11 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\gtk-2.0 [2010-01-08 17:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-03-19 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia [2010-03-15 23:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite [2009-06-23 10:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu [2009-11-10 10:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2010-03-15 23:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite [2010-01-24 14:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client [2010-03-20 11:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent [2010-03-09 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\VSO [2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-06-16 22:01:54 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr [2010-03-20 11:21:36 | 000,024,192 | ---- | M] () -- C:\ComboFix.txt [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-06-16 22:19:49 | 000,000,090 | ---- | M] () -- C:\csb.log [2009-06-16 22:06:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-16 20:32:40 | 000,011,298 | ---- | M] () -- C:\mksbasel.cpp.log [2009-06-16 22:06:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2009-06-17 08:24:23 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-03-20 11:01:22 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys [2009-06-16 22:19:49 | 000,000,347 | ---- | M] () -- C:\RHDSetup.log [2009-10-06 20:13:24 | 000,000,086 | ---- | M] () -- C:\Setup.log [2009-10-06 20:11:06 | 000,000,159 | ---- | M] () -- C:\SetupLCVI.log [2009-10-06 20:04:10 | 000,000,159 | ---- | M] () -- C:\SetupLCVU.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log]
Psycholandia komentarz 20 marca 2010 komentarz 20 marca 2010 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [quote]:Processes explorer.exe :OTL O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.) :Files C:\WINDOWS\QTFont.qfn :Commands [emptytemp] [start explorer] [Reboot][/quote] Pobierz: http://www.freedrweb.pl/livecd.php nagraj na płytę, reset kompa, podczas uruchamiania wciskaj F11, odpali się program i wykona skanowanie. Wszystko co znajdzie usuń.
artega7 komentarz 22 marca 2010 Autor komentarz 22 marca 2010 Wszystko zrobiłem jak trzeba, ale nic nie dało, program znalazł coś, ale to, co chciałem nie usunęło, próbowałem też usunąć to za pomącą specjalnych programów do usuwania plików, które nie chcą się usunąć, ale też nic nie dało. Daje nowe znowu logi po przeprowadzeniu tych procesów. [log]OTL logfile created on: 2010-03-22 12:04:00 - Run 4 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Mateusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 431,00 Mb Available Physical Memory | 42,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 390,63 Gb Total Space | 296,98 Gb Free Space | 76,03% Space Free | Partition Type: NTFS Drive D: | 390,63 Gb Total Space | 379,19 Gb Free Space | 97,07% Space Free | Partition Type: NTFS Drive E: | 390,63 Gb Total Space | 319,51 Gb Free Space | 81,79% Space Free | Partition Type: NTFS Drive F: | 225,38 Gb Total Space | 222,07 Gb Free Space | 98,53% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ARTEGA7 Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe PRC - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe PRC - [2010-03-17 12:26:08 | 000,819,416 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010-01-26 14:22:32 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010-01-13 23:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Winamp\winampa.exe PRC - [2009-12-17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-10-28 19:40:16 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-08-31 17:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- D:\Nowe Gadu-Gadu\gg.exe PRC - [2009-08-31 15:56:26 | 000,077,824 | ---- | M] () -- D:\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-06-30 06:26:02 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe PRC - [2009-03-08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-05-14 02:29:04 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe PRC - [2008-05-08 12:26:26 | 000,438,399 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe PRC - [2008-02-27 10:29:50 | 000,910,088 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2008-02-27 10:24:52 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe PRC - [2008-02-27 10:22:46 | 002,611,368 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2007-09-04 13:52:08 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe PRC - [2006-09-01 14:57:48 | 000,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2006-07-21 09:56:38 | 016,261,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-06-01 10:22:00 | 000,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2006-04-26 07:29:50 | 000,237,568 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006-04-11 16:52:14 | 001,409,024 | ---- | M] (Time Information Services Ltd.) -- D:\Nokia\Nokia PC Suite 6\PcSync2.exe PRC - [2006-03-23 14:23:54 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe PRC - [2003-12-22 07:38:42 | 000,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe PRC - [2003-09-16 04:19:24 | 000,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe PRC - [2003-08-04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe PRC - [2002-08-06 23:28:38 | 000,110,592 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe PRC - [2002-07-11 23:22:58 | 000,176,128 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe PRC - [2001-11-14 03:03:12 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe PRC - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2002-06-19 08:39:14 | 000,053,248 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\Nhkdll.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$ACRONIS) SQL Server (ACRONIS) SRV - [2009-01-29 16:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Auto | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia) SRV - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2008-11-24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService) SRV - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2004-01-05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12) SRV - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed) DRV - [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-01-09 19:31:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2010-01-09 19:31:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2010-01-09 19:31:06 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2010-01-09 19:30:59 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-30 11:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-06-18 20:50:12 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-06-17 12:17:30 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-18 02:00:00 | 000,286,592 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Vid.sys -- (V0560Vid) DRV - [2008-05-07 10:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt) DRV - [2008-04-30 08:43:42 | 000,160,768 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Afx.sys -- (V0560Afx) DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-01-15 16:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV - [2006-09-18 07:59:00 | 000,250,240 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006-07-24 09:15:04 | 004,353,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-06-01 10:22:00 | 003,925,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv) DRV - [2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-12-20 08:02:12 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-15 12:25:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-16 10:58:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-10 17:36:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-19 23:05:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-15 12:25:11 | 000,000,000 | ---D | M] [2010-01-09 23:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2010-01-10 10:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions [2010-01-10 10:27:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-17 20:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-02-16 12:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-03-18 18:40:49 | 000,380,712 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 13116 more lines... O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard) O4 - HKLM..\Run: [Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [WinampAgent] d:\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Nowe Gadu-Gadu] d:\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [PcSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.) O4 - HKU\S-1-5-18..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} http://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab (GameDesire Sea Battle) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245189401390 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://85.89.171.5/activex/AxisCamControl.cab (CamImage Class) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/333333/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.35 217.113.224.36 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-03-21 11:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\JRTwine Software [2010-03-21 11:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-03-21 11:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Desktopicon [2010-03-21 11:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2010-03-21 11:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\program [2010-03-21 11:22:03 | 000,000,000 | ---D | C] -- C:\!KillBox [2010-03-20 17:12:08 | 000,000,000 | ---D | C] -- C:\_OTL [2010-03-20 12:02:28 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-03-20 11:05:50 | 000,000,000 | ---D | C] -- C:\ComboFix [2010-03-20 01:18:07 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2010-03-19 23:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-03-19 19:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Malwarebytes [2010-03-19 19:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-19 19:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-03-19 19:50:12 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-19 19:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-03-19 19:20:27 | 000,000,000 | R--D | C] -- C:\assembly [2010-03-19 15:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DivX [2010-03-19 13:28:40 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-03-19 13:27:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-03-19 13:27:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-03-19 13:27:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-03-19 13:27:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-03-19 13:26:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-03-19 13:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-03-19 00:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2010-03-18 22:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Browser [2010-03-18 10:09:26 | 000,974,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys [2010-03-18 10:09:26 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll [2010-03-18 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed [2010-03-18 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy [2010-03-17 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2010-03-17 20:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-03-17 20:30:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\.dsig [2010-03-16 21:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\SYMBIAN [2010-03-15 23:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ovi [2010-03-15 23:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite [2010-03-15 14:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-03-15 14:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-03-15 14:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-03-15 14:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount [2010-03-15 14:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia [2010-03-15 12:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-03-15 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Orb Networks [2010-03-15 12:36:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Moje obrazy [2010-03-15 12:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia [2010-03-15 12:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic [2010-03-15 12:31:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization [2010-03-15 12:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies [2010-03-15 12:25:02 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2010-03-15 12:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-03-15 12:24:27 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys [2010-03-15 12:24:26 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010-03-15 12:24:25 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-03-15 12:24:24 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-03-15 12:24:23 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010-03-15 12:24:23 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-03-15 12:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010-03-15 12:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-03-11 18:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\ARTEGAPL [2010-02-24 22:13:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mateusz\Recent [2010-02-24 21:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-02-20 14:27:39 | 000,105,088 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys [2010-02-20 00:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\stonewall [2010-02-17 12:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-02-16 18:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\CHEMIA SKANY [2010-02-16 13:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ESET [2010-02-16 12:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-16 10:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2010-02-15 20:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2010-02-15 19:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com [2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com [2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010-02-15 19:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2010-01-24 13:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client [2010-01-24 13:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2010-01-21 18:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Allegro Image Resizer [2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis [2009-12-02 12:27:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-06-17 21:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Sun [2009-06-17 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe [2009-06-17 09:00:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-06-16 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-03-22 11:37:39 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-03-22 11:37:15 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-03-22 11:34:09 | 000,180,402 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\4B6Y1L.mp3 [2010-03-22 11:27:20 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini [2010-03-22 11:26:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-22 11:25:44 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-03-22 11:25:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-22 11:25:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-22 06:31:37 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mateusz\ntuser.ini [2010-03-22 06:31:36 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\Mateusz\NTUSER.DAT [2010-03-21 23:07:34 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-21 12:18:32 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ja tez to zauważyłem.doc [2010-03-20 11:18:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-20 11:02:50 | 003,895,562 | R--- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2010-03-20 00:54:07 | 000,554,992 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-03-20 00:54:07 | 000,496,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-03-20 00:54:07 | 000,109,470 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-03-20 00:54:06 | 001,270,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-03-20 00:54:06 | 000,091,912 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-03-19 19:50:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-03-19 13:11:04 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-03-18 22:00:36 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk [2010-03-18 18:40:49 | 000,380,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-03-18 10:11:14 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk [2010-03-18 10:03:46 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk [2010-03-17 23:03:44 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk [2010-03-17 22:09:55 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys [2010-03-17 12:26:14 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll [2010-03-17 00:42:23 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc [2010-03-15 23:46:13 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk [2010-03-15 23:43:08 | 000,030,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-03-15 22:36:15 | 003,652,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar [2010-03-15 14:28:21 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk [2010-03-15 14:21:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-03-15 14:21:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-03-15 14:21:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-03-15 14:21:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-03-15 14:17:00 | 000,156,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-15 12:37:20 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk [2010-03-15 12:33:01 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk [2010-03-15 12:30:45 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk [2010-03-15 12:27:22 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk [2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe [2010-03-08 18:42:31 | 000,576,156 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx [2010-03-08 09:26:59 | 000,105,088 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys [2010-03-03 22:33:38 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-02-24 22:02:57 | 000,094,230 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg [2010-02-24 21:59:34 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk [2010-02-20 12:20:58 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc [2010-02-20 12:18:32 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg [2010-02-20 01:15:05 | 000,000,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg [2010-02-20 00:18:12 | 000,160,293 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip [2010-02-17 13:08:57 | 000,000,750 | ---- | M] () -- C:\WINDOWS\win.ini [2010-02-17 12:55:44 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk [2010-02-16 23:29:39 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel [2010-02-01 17:31:12 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc [2010-01-31 11:02:30 | 001,822,208 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt [2010-01-30 16:38:00 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc [2010-01-30 10:34:09 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc [2010-01-29 17:19:51 | 116,920,419 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar [2010-01-26 17:19:11 | 009,785,856 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc [2010-01-25 20:40:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-01-25 16:14:45 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc [2010-01-24 13:45:23 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-01-23 11:27:58 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc [2010-01-22 14:11:39 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc [2010-01-21 18:26:06 | 000,018,786 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-22 11:34:08 | 000,180,402 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\4B6Y1L.mp3 [2010-03-21 12:18:31 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ja tez to zauważyłem.doc [2010-03-21 11:45:35 | 001,736,704 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DeleteFXPFilesInstall.exe [2010-03-19 19:50:18 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-19 13:28:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-03-19 13:28:41 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-03-19 13:27:19 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-03-19 13:27:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-03-19 13:27:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-03-19 13:27:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-03-19 13:27:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-03-19 13:24:44 | 003,895,562 | R--- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe [2010-03-18 22:00:36 | 000,001,389 | ---- | C] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk [2010-03-18 10:11:14 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk [2010-03-18 10:03:46 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk [2010-03-17 23:03:44 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk [2010-03-17 00:42:22 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc [2010-03-15 23:46:13 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk [2010-03-15 22:36:10 | 003,652,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar [2010-03-15 14:21:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf [2010-03-15 14:21:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-03-15 14:16:15 | 000,091,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-03-15 12:37:20 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk [2010-03-15 12:36:16 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk [2010-03-15 12:33:01 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk [2010-03-15 12:30:45 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk [2010-03-15 12:27:21 | 000,001,788 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk [2010-03-11 10:10:02 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-03-08 18:42:29 | 000,576,156 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx [2010-02-24 22:02:52 | 000,094,230 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg [2010-02-24 21:59:34 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk [2010-02-20 01:33:40 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc [2010-02-20 01:13:39 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg [2010-02-20 01:09:18 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg [2010-02-20 00:18:06 | 000,160,293 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip [2010-02-17 13:14:10 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-02-17 12:55:44 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk [2010-02-16 23:29:39 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel [2010-02-01 17:16:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc [2010-01-31 11:02:21 | 001,822,208 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt [2010-01-30 16:38:00 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc [2010-01-30 10:34:07 | 000,070,144 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc [2010-01-29 14:37:24 | 116,920,419 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar [2010-01-25 14:37:11 | 009,785,856 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc [2010-01-24 13:43:44 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2010-01-23 11:27:57 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc [2010-01-22 14:11:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc [2010-01-21 18:56:29 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc [2010-01-21 18:23:31 | 000,018,786 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg [2009-10-06 20:10:36 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys [2009-09-02 23:04:20 | 000,018,053 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\NMM-MetaData.db [2009-06-23 09:27:29 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-06-19 07:54:50 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-06-18 20:50:12 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-06-17 21:46:21 | 000,000,010 | ---- | C] () -- C:\Program Files\eula.txt [2009-06-17 19:32:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-06-17 19:30:49 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-17 19:30:47 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-17 19:30:47 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-17 19:30:46 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-17 19:30:45 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-06-17 19:30:45 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-17 19:01:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-06-17 19:01:00 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-17 14:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2009-06-17 14:02:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll [2009-06-17 14:02:14 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini [2009-06-17 12:04:10 | 000,027,184 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-06-16 22:23:28 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys [2009-06-16 22:19:45 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-06-01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-06-01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-06-01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-06-01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-06-01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-06-01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-06-01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2005-12-07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2004-01-05 13:04:58 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [color=#E56717]========== LOP Check ==========[/color] [2010-01-08 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis [2010-03-19 01:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-06-18 21:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-06-17 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-02-16 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-15 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-08 17:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-03-15 14:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-03-15 12:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic [2009-11-10 10:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-03-15 14:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-03-15 12:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache [2010-03-15 14:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-01-10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Acronis [2009-06-18 22:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-03-15 22:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Datalayer [2010-03-21 11:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Desktopicon [2010-01-13 16:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2009-06-23 11:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GetRightToGo [2009-08-11 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\gtk-2.0 [2010-03-21 17:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-03-19 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia [2010-03-15 23:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite [2009-06-23 10:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu [2009-11-10 10:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2010-03-15 23:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite [2010-01-24 14:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client [2010-03-22 11:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent [2010-03-09 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\VSO [2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
artega7 komentarz 22 marca 2010 Autor komentarz 22 marca 2010 To już nie wiem co z tym zrobić, ten odsyłacz nadal jest i nie da sie usunąć, moze mi ktoś coś poradzi
Psycholandia komentarz 22 marca 2010 komentarz 22 marca 2010 Daj loga z Combofixa: http://www.forumpc.pl/index.php?showtopic=153621
artega7 komentarz 22 marca 2010 Autor komentarz 22 marca 2010 Ten złośliwy plik ma nazwę internet exploer i znajduje się na pulpicie log z combofixa [log]ComboFix 10-03-21.04 - Mateusz 2010-03-22 16:08:04.5.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.349 [GMT 1:00] Uruchomiony z: c:\documents and settings\Mateusz\Pulpit\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\eBay.ico c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\uninst.exe . ((((((((((((((((((((((((( Pliki utworzone od 2010-02-22 do 2010-03-22 ))))))))))))))))))))))))))))))) . 2010-03-22 14:14 . 2010-03-22 14:14 -------- d-----w- c:\program files\FreeTime 2010-03-22 14:06 . 2010-03-22 14:06 -------- d-----w- c:\program files\Video Converter for Nokia Smartphones 2010-03-22 13:35 . 2010-03-22 13:35 -------- d-----w- c:\program files\Lonely Cat Games 2010-03-21 10:46 . 2010-03-21 10:46 -------- d-----w- c:\program files\JRTwine Software 2010-03-21 10:45 . 2010-03-21 10:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-03-21 10:28 . 2010-03-22 15:02 -------- d-----w- c:\program files\Unlocker 2010-03-21 10:22 . 2010-03-21 10:22 -------- d-----w- C:\!KillBox 2010-03-20 16:12 . 2010-03-20 16:12 -------- d-----w- C:\_OTL 2010-03-19 22:05 . 2010-03-19 22:05 -------- d-----w- c:\program files\ESET 2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Malwarebytes 2010-03-19 18:50 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-19 18:50 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-19 18:20 . 2010-03-19 18:20 -------- d-----r- C:\assembly 2010-03-19 14:14 . 2010-03-19 14:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DivX 2010-03-19 00:02 . 2010-03-19 00:02 -------- d-----w- c:\program files\Alwil Software 2010-03-19 00:02 . 2010-03-19 00:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Alwil Software 2010-03-18 23:02 . 2010-03-18 23:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab 2010-03-18 21:00 . 2010-03-18 21:03 -------- d-----w- c:\program files\Browser 2010-03-18 09:09 . 2010-03-22 15:14 -------- d-----w- c:\program files\cFosSpeed 2010-03-18 09:09 . 2010-03-17 11:26 974040 ----a-w- c:\windows\system32\drivers\cfosspeed.sys 2010-03-18 09:09 . 2010-03-17 11:26 334040 ----a-w- c:\windows\system32\cfosspeed.dll 2010-03-18 09:03 . 2010-03-18 09:03 -------- d-----w- c:\program files\xp-AntiSpy 2010-03-17 22:03 . 2010-03-17 22:10 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory 2010-03-17 19:37 . 2010-03-17 19:37 503808 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\msvcp71.dll 2010-03-17 19:37 . 2010-03-17 19:37 499712 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\jmc.dll 2010-03-17 19:37 . 2010-03-17 19:37 348160 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\msvcr71.dll 2010-03-17 19:37 . 2010-03-17 19:37 61440 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57638374-n\decora-sse.dll 2010-03-17 19:37 . 2010-03-17 19:37 12800 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57638374-n\decora-d3d.dll 2010-03-17 19:30 . 2010-03-17 19:30 -------- d-----w- c:\documents and settings\Mateusz\.dsig 2010-03-15 22:11 . 2010-03-15 22:11 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Nokia Ovi Suite 2010-03-15 13:27 . 2010-03-15 13:26 34819744 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\NokiaSoftwareUpdaterSetup_2.4.6PL.exe 2010-03-15 13:26 . 2010-03-15 13:26 3351812 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\msxml6Exec.exe 2010-03-15 13:26 . 2010-03-15 13:26 36864 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\Sleep.exe 2010-03-15 13:26 . 2010-03-15 13:26 3203453 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\vcredistExec.exe 2010-03-15 13:26 . 2010-03-15 13:26 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Installations 2010-03-15 13:23 . 2010-03-15 13:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nokia 2010-03-15 13:21 . 2008-04-13 23:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys 2010-03-15 13:21 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys 2010-03-15 13:21 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll 2010-03-15 13:18 . 2010-03-22 15:06 -------- d-----w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount 2010-03-15 13:18 . 2010-03-15 13:18 -------- d-----w- c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia 2010-03-15 13:16 . 2010-03-22 15:01 91672 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2010-03-15 11:37 . 2010-03-15 13:17 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OrbNetworks 2010-03-15 11:37 . 2010-03-15 11:37 -------- d-----w- c:\program files\Orb Networks 2010-03-15 11:33 . 2010-03-15 22:46 -------- d-----w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia 2010-03-15 11:32 . 2010-03-15 11:32 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NokiaMusic 2010-03-15 11:31 . 2010-03-22 13:33 -------- d-----w- c:\windows\Globalization 2010-03-15 11:30 . 2010-03-15 11:30 -------- d-----w- c:\program files\Common Files\muvee Technologies 2010-03-15 11:25 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2010-03-15 11:24 . 2010-03-15 11:24 -------- d-----w- c:\program files\PC Connectivity Solution 2010-03-15 11:24 . 2009-12-30 10:25 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys 2010-03-15 11:24 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys 2010-03-15 11:24 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys 2010-03-15 11:24 . 2009-12-30 10:30 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys 2010-03-15 11:24 . 2010-01-21 13:53 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys 2010-03-15 11:24 . 2009-12-30 10:30 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll 2010-03-15 11:24 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll 2010-03-15 11:24 . 2010-03-15 22:46 -------- d-----w- c:\program files\Nokia 2010-03-15 11:22 . 2010-03-15 11:22 12212040 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe 2010-03-15 11:22 . 2010-03-15 11:22 13930312 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe 2010-03-15 11:22 . 2010-03-15 11:22 77824 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe 2010-03-15 11:22 . 2010-03-15 11:22 61440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe 2010-03-15 11:22 . 2010-03-15 11:22 58880 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe 2010-03-15 11:22 . 2010-03-15 11:22 50000 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe 2010-03-15 11:22 . 2010-03-15 11:22 98366952 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_11_update.exe 2010-03-15 11:22 . 2010-03-15 11:22 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache 2010-03-10 16:35 . 2010-03-10 16:35 152576 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll 2010-03-10 16:35 . 2010-03-10 16:35 79488 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll 2010-03-10 16:34 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-02-24 20:59 . 2010-02-24 20:59 -------- d-----w- c:\program files\CCleaner . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-22 15:15 . 2009-10-28 18:39 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\uTorrent 2010-03-22 14:37 . 2009-06-17 09:53 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Winamp 2010-03-22 13:27 . 2004-08-04 12:00 555336 ----a-w- c:\windows\system32\perfh015.dat 2010-03-22 13:27 . 2004-08-04 12:00 109690 ----a-w- c:\windows\system32\perfc015.dat 2010-03-22 13:06 . 2009-06-23 08:27 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-03-22 13:05 . 2009-06-23 08:27 214816 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-03-21 16:29 . 2009-06-23 10:43 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\ipla 2010-03-19 21:57 . 2009-06-17 12:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2010-03-19 12:52 . 2009-06-17 12:11 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Nokia 2010-03-19 07:43 . 2009-12-15 12:54 -------- d-----w- c:\program files\Google 2010-03-17 21:38 . 2009-06-23 08:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2010-03-17 21:19 . 2009-09-24 14:10 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Skype 2010-03-17 21:10 . 2009-09-24 14:19 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\skypePM 2010-03-17 19:38 . 2009-06-17 12:22 -------- d-----w- c:\program files\Common Files\Java 2010-03-17 19:37 . 2009-06-17 12:22 -------- d-----w- c:\program files\Java 2010-03-15 22:43 . 2009-06-16 21:48 30592 ----a-w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-03-15 22:09 . 2009-06-17 12:09 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\PC Suite 2010-03-15 21:52 . 2009-07-03 21:47 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Datalayer 2010-03-15 13:21 . 2010-03-15 13:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2010-03-15 13:21 . 2010-03-15 13:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2010-03-15 13:17 . 2009-06-17 12:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Suite 2010-03-15 11:30 . 2009-06-17 12:09 -------- d-----w- c:\program files\Common Files\Nokia 2010-03-15 11:25 . 2009-06-17 12:10 -------- d-----w- c:\program files\DIFX 2010-03-15 11:24 . 2009-06-17 12:09 -------- d-----w- c:\program files\Common Files\PCSuite 2010-03-09 19:24 . 2009-10-06 19:12 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Creative 2010-03-09 19:24 . 2009-06-23 10:32 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\VSO 2010-03-08 15:26 . 2010-02-15 19:48 -------- d-----w- c:\program files\Panda Security 2010-03-08 15:26 . 2009-06-16 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-08 08:26 . 2010-02-20 13:27 105088 ----a-w- c:\windows\system32\drivers\av5flt.sys 2010-02-17 12:04 . 2010-02-17 11:55 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-02-16 11:38 . 2010-02-16 11:38 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET 2010-02-16 11:18 . 2010-02-15 18:41 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-02-15 18:42 . 2010-02-15 18:42 52224 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2010-02-15 18:42 . 2010-02-15 18:42 117760 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2010-02-15 18:41 . 2010-02-15 18:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com 2010-02-15 18:41 . 2010-02-15 18:41 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com 2010-02-15 18:19 . 2010-02-15 18:06 -------- d-----w- c:\program files\SkanerOnline 2010-02-15 17:17 . 2009-06-19 06:55 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-24 13:00 . 2010-01-24 12:43 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\TS3Client 2010-01-24 12:43 . 2010-01-24 12:43 -------- d-----w- c:\program files\TeamSpeak 3 Client 2010-01-21 17:20 . 2010-01-21 17:20 -------- d-----w- c:\program files\Allegro Image Resizer 2010-01-13 15:20 . 2010-01-13 15:20 54272 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\GanymedeNet\Online Games\Common\ielauncher.exe 2010-01-13 15:20 . 2010-01-13 15:20 4 ----a-w- c:\windows\system32\proc625010911.bin 2010-01-09 22:33 . 2010-01-09 22:33 0 ----a-w- c:\windows\nsreg.dat 2010-01-09 18:31 . 2010-01-09 18:31 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2010-01-09 18:31 . 2009-12-02 11:33 441760 ----a-w- c:\windows\system32\drivers\timntr.sys 2010-01-09 18:31 . 2010-01-09 18:31 129248 ----a-w- c:\windows\system32\drivers\snapman.sys 2010-01-09 18:30 . 2010-01-09 18:30 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys 2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-30 10:30 . 2009-06-17 12:09 91136 ----a-w- c:\windows\system32\nmwcdcls.dll 2009-06-24 07:42 . 2009-06-17 20:46 10 ----a-w- c:\program files\eula.txt . ((((((((((((((((((((((((((((( SnapShot@2010-03-19_12.34.57 ))))))))))))))))))))))))))))))))))))))))) . + 2010-03-22 15:02 . 2010-03-22 15:02 16384 c:\windows\Temp\Perflib_Perfdata_688.dat + 2004-08-04 12:00 . 2010-03-22 13:27 92048 c:\windows\system32\perfc009.dat - 2004-08-04 12:00 . 2010-03-17 19:37 92048 c:\windows\system32\perfc009.dat + 2009-11-16 08:06 . 2009-11-16 08:06 96408 c:\windows\system32\drivers\epfwtdir.sys + 2010-03-19 22:06 . 2010-03-19 22:06 10134 c:\windows\Installer\{1871FE54-36AA-478F-B374-A46BA54474CC}\callmsi.exe + 2010-03-21 10:46 . 2010-03-21 10:46 5120 c:\windows\Installer\{D3E29D5A-B772-4578-9075-4272569504E2}\IconCA8CA8DE.exe + 2004-08-04 12:00 . 2010-03-22 13:27 496294 c:\windows\system32\perfh009.dat - 2004-08-04 12:00 . 2010-03-17 19:37 496294 c:\windows\system32\perfh009.dat + 2009-11-16 08:03 . 2009-11-16 08:03 108792 c:\windows\system32\drivers\ehdrv.sys + 2009-11-16 07:56 . 2009-11-16 07:56 116520 c:\windows\system32\drivers\eamon.sys + 2010-03-21 10:46 . 2010-03-21 10:46 854016 c:\windows\Installer\70a51.msi + 2010-03-19 22:06 . 2010-03-19 22:06 101480 c:\windows\Installer\{1871FE54-36AA-478F-B374-A46BA54474CC}\egui.exe + 2010-03-19 22:05 . 2010-03-19 22:06 1139200 c:\windows\Installer\5e0b6.msi . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136] "PcSync"="d:\nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 1409024] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536] "Nowe Gadu-Gadu"="d:\nowe gadu-gadu\gg.exe" [2009-08-31 11391592] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-28 289072] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-02-24 385928] "Orb"="c:\program files\Orb Networks\Orb\bin\OrbTray.exe" [2008-05-14 507904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560] "nwiz"="nwiz.exe" [2006-06-01 1519616] "NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "MULTIMEDIA KEYBOARD"="c:\program files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-07-11 176128] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664] "Live! Central"="c:\program files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe" [2008-05-08 438399] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-02-27 2611368] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-02-27 910088] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-02-27 140568] "Adobe Reader Speed Launcher"="d:\adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "WinampAgent"="d:\winamp\winampa.exe" [2010-01-13 37888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672] "cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2010-03-17 819416] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "VF0560Inst"="c:\windows\system32\V0560Pin.dll" [2008-06-02 40960] c:\documents and settings\Mateusz\Menu Start\Programy\Autostart\ ·éăQQ.lnk - c:\windows\system32\wscript.exe [2004-8-4 155648] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2003-9-16 237568] Microsoft Office.lnk - d:\microsoft office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"= "d:\\Nowe Gadu-Gadu\\gg.exe"= "d:\\eMule\\emule.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"= "c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"= "c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"= "c:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"= "c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4662:TCP"= 4662:TCP:eMule "4672:UDP"= 4672:UDP:eMule R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-11-16 108792] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-11-16 96408] R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2009-06-17 6656] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960] R2 MSSQL$ACRONIS;SQL Server (ACRONIS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-10-06 145952] R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2009-10-06 31616] R3 V0560Afx;Creative Camera VF0560 Audio Effects Driver;c:\windows\system32\drivers\V0560Afx.sys [2009-10-06 160768] R3 V0560Vid;Creative Live! Cam Optia AF Driver;c:\windows\system32\drivers\V0560Vid.sys [2009-10-06 286592] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-06-18 721904] S2 nhksrv;Netropa NHK Server;c:\program files\Netropa\Multimedia Keyboard\nhksrv.exe [2009-06-17 28672] S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-03-15 137344] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.onet.pl/ IE: E&ksport do programu Microsoft Excel - d:\micros~1\Office10\EXCEL.EXE/3000 IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} - hxxp://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab FF - ProfilePath - c:\documents and settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/ FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll FF - plugin: d:\adobe\Reader 9.0\Reader\browser\nppdf32.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - USUNIĘTO PUSTE WPISY - - - - HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe AddRemove-eBay Icon - c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-22 16:14 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e1,cc,6d,5c,3f,d1,1e,44,bc,e7,01,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e1,cc,6d,5c,3f,d1,1e,44,bc,e7,01,\ . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'lsass.exe'(1368) c:\windows\system32\relog_ap.dll . Czas ukończenia: 2010-03-22 16:17:03 ComboFix-quarantined-files.txt 2010-03-22 15:17 ComboFix2.txt 2010-03-20 10:21 ComboFix3.txt 2010-03-20 00:12 ComboFix4.txt 2010-03-19 12:45 ComboFix5.txt 2010-03-22 15:06 Przed: 317 464 178 688 bajtów wolnych Po: 318 516 023 296 bajtów wolnych - - End Of File - - 33DBF6AF02B8AC31D2E87F8AEA440D66[/log]
Psycholandia komentarz 22 marca 2010 komentarz 22 marca 2010 Jest czysto. Plik przeskanuj tu: http://www.virustotal.com/pl/ i daj wynik.
artega7 komentarz 23 marca 2010 Autor komentarz 23 marca 2010 Nie mogę tego przeskanować, ponieważ program tego nie widzi, miałem ten sam problem jak chciałem go usunąć specjalnymi programami.
Psycholandia komentarz 23 marca 2010 komentarz 23 marca 2010 Spróbuj usunąć plik za pomocą tego: [u][b][url="http://www.programosy.pl/program,pocket-killbox.html"]KLIK[/url][/b][/u] log wygląda na czysty, więc to nie wina wirusów.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.