luka92 posted 30 July 2010 (edited)
Hello, I would like to know whether there will be any complications if my antivirus removed the file mentioned above. If so, how do I fix it? Thanks in advance for your reply. [color="#ff0000"]//moving to the Logs to check subforum //raaz [/color]
Sohei commented 31 July 2010
There are no complications, because it is a virus. Post logs from these programs:
[url=http://oldtimer.geekstogo.com/OTL.exe][b][color=blue]OTL[/color][/b][/url] Set [b]Processes[/b] and [b]Modules[/b] to [b]All[/b], and in [b]Custom Scans/Fixes[/b] paste: [quote]netsvcs
msconfig
safebootminimal
safebootnetwork
%systemdrive%\*.*[/quote]
[url=http://images.malwareremoval.com/random/RSIT.exe][b][color=blue]RSIT[/color][/b][/url]
[url=http://www.gmer.net/][b][color=blue]Gmer[/color][/b][/url] GMER: on the Rootkit/Malware tab, click Scan; after the scan, click Copy or Save.
luka92 (Author) commented 31 July 2010
So a log from each of these programs has to be posted?
[log]OTL logfile created on: 2010-07-31 12:11:31 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\ChOpOkI\Downloads Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 25,60 Gb Total Space | 3,48 Gb Free Space | 13,60% Space Free | Partition Type: NTFS Drive D: | 88,89 Gb Total Space | 47,44 Gb Free Space | 53,37% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 1,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 6,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Drive Z: | 465,75 Gb Total Space | 294,28 Gb Free Space | 63,18% Space Free | Partition Type: NTFS Computer Name: LUKAPC Current User Name: ChOpOkI Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-31 12:10:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ChOpOkI\Downloads\OTL.exe PRC - [2010-07-23 00:02:16 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Users\ChOpOkI\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) 
-- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-07-21 15:14:38 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-06-20 04:04:47 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2010-06-13 12:04:44 | 000,988,632 | ---- | M] (Crystal Dew World) -- C:\Program Files\CrystalDiskInfo\DiskInfo.exe PRC - [2010-06-03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-05-15 20:16:58 | 000,557,056 | ---- | M] (BitLeader) -- C:\Program Files\lg_fwupdate\fwupdate.exe PRC - [2010-03-20 13:50:48 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\ChOpOkI\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe PRC - [2010-03-13 06:54:28 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-03 06:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010-02-03 06:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010-02-03 00:25:08 | 000,389,120 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe PRC - [2010-02-03 00:24:26 | 000,385,024 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-04-22 18:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) 
-- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-22 18:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009-04-11 00:28:16 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 00:28:10 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 00:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-11 00:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-04-11 00:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 00:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 00:28:00 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 00:28:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 00:27:50 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 00:27:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-01-27 22:30:20 | 002,387,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2008-02-28 17:39:08 | 002,049,320 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHGui.exe PRC - [2008-02-28 17:39:08 | 
000,053,032 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe PRC - [2008-02-28 17:38:58 | 001,440,552 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe PRC - [2008-01-19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:16 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-19 00:33:16 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2008-01-19 00:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2007-09-28 14:32:40 | 000,318,976 | ---- | M] (BySoft) -- C:\Program Files\BySoft FreeRAM\FreeRAM.exe PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2007-01-02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-12-10 21:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-12-10 21:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006-05-24 08:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) 
-- C:\Windows\System32\StkASv2K.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-31 12:10:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ChOpOkI\Downloads\OTL.exe MOD - [2010-02-03 00:24:58 | 000,245,760 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraGH.dll MOD - [2010-02-03 00:24:30 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDMH.dll MOD - [2009-04-11 00:28:26 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-04-11 00:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 00:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 00:28:26 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 00:28:26 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 00:28:26 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-04-11 00:28:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-11 00:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 00:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 00:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 00:28:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-04-11 00:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 00:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\version.dll MOD - [2009-04-11 00:28:24 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-04-11 00:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 00:28:24 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 00:28:24 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 00:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 00:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 00:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 00:28:22 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 00:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 00:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 00:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 00:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 00:28:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 00:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 00:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 00:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 00:27:50 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-04-11 00:27:14 | 000,258,048 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-04-11 00:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-19 00:37:14 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-19 00:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-19 00:36:48 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-19 00:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-19 00:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-19 00:34:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2008-01-19 00:34:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2008-01-19 00:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-19 00:33:46 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2008-01-19 00:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! 
Mail Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-02-03 06:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2008-02-28 17:39:08 | 000,053,032 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv) SRV - [2008-02-28 17:38:58 | 001,440,552 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrvR) SRV - [2008-01-19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006-05-24 08:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) 
[Auto | Running] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mtk.sys -- (MTK) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ChOpOkI\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\atBIOS\ATIToolNew\atidgllk.sys -- (atidgllk) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\AmdLLD.sys -- (AmdLLD) DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | 
System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-06-28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-03-28 12:34:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-28 12:34:10 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-03-20 13:54:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-03-13 06:45:36 | 003,036,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-02-23 11:51:14 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2010-02-23 11:51:14 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010-02-03 06:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2010-02-03 05:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010-01-28 16:33:28 | 000,097,792 | ---- | M] (ATI Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-11-29 02:38:27 | 000,094,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice) DRV - [2009-04-10 22:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2009-03-27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2009-02-09 03:32:16 | 000,022,328 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008-08-06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-28 15:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008-02-28 17:38:58 | 000,040,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm) DRV - [2008-02-28 17:38:48 | 000,128,424 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2008-02-28 17:38:48 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007-12-14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS) DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-09-27 05:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006-08-02 08:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan) DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found. O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [BySoft FreeRAM] C:\Program Files\BySoft FreeRAM\FreeRAM.exe (BySoft) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [Grid] C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe () O4 - HKCU..\Run: [Halo2] C:\Windows\System32\sshnas21.DLL File not found O4 - HKCU..\Run: [HDD Observer] C:\Program Files\HDD Observer\HDD Observer.exe File not found O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD) O4 - HKCU..\Run: [XA5RJ9EADJ] C:\Users\ChOpOkI\AppData\Local\Temp\Zdx.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\ChOpOkI\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\ChOpOkI\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1ac6f5d0-46fe-11df-bc84-0024212c6963}\Shell\AutoRun\command - "" = SEVEBOMBA/gasgas.exe O33 - MountPoints2\{1ac6f5d0-46fe-11df-bc84-0024212c6963}\Shell\open\command - "" = SEVEBOMBA/gasgas.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created 
Within 30 Days ==========[/color] [2010-07-31 12:11:41 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-26 21:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\sXe Injected [2010-07-26 17:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVIConverter [2010-07-26 14:05:49 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\EA Games [2010-07-26 13:51:52 | 000,000,000 | ---D | C] -- C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP [2010-07-26 13:32:07 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\Disney Interactive Studios [2010-07-26 01:30:47 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Application Data [2010-07-26 01:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\iOrgSoft [2010-07-26 00:48:03 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\AppData\Roaming\Broad Intelligence [2010-07-21 15:14:37 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\AppData\Local\PunkBuster [2010-07-02 14:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2010-07-01 22:37:29 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\Electronic Arts [2010-07-01 22:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2010-07-01 13:19:09 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\Test Drive Unlimited [2010-07-01 13:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Test Drive Unlimited [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-07-31 12:12:30 | 003,145,728 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT [2010-07-31 12:08:16 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempef2952.html [2010-07-31 12:08:16 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempvZ2952.html [2010-07-31 12:07:42 | 000,000,366 | ---- | M] () -- C:\Windows\lgfwup.ini [2010-07-31 12:07:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-07-31 
12:07:10 | 000,006,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-07-31 12:07:10 | 000,006,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-07-31 12:07:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-07-31 12:07:01 | 2146,623,488 | -HS- | M] () -- C:\hiberfil.sys [2010-07-31 00:51:05 | 000,524,288 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms [2010-07-31 00:51:05 | 000,065,536 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf [2010-07-31 00:50:55 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempWh2072.html [2010-07-31 00:50:55 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempQr2072.html [2010-07-31 00:50:50 | 003,568,787 | -H-- | M] () -- C:\Users\ChOpOkI\AppData\Local\IconCache.db [2010-07-30 23:55:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1761140026-1881255608-711954670-1000UA.job [2010-07-30 22:55:38 | 000,002,052 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Google Chrome.lnk [2010-07-30 15:20:56 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ChOpOkI.job [2010-07-30 12:55:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1761140026-1881255608-711954670-1000Core.job [2010-07-29 20:34:13 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010-07-29 20:34:12 | 000,032,768 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-29 01:19:14 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempxK2972.html [2010-07-29 01:19:14 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempyf2972.html [2010-07-28 00:19:18 | 000,002,432 | ---- | M] () -- 
C:\Users\ChOpOkI\AppData\Local\TempVh1284.html [2010-07-28 00:19:18 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempmS1284.html [2010-07-27 16:48:28 | 000,004,317 | ---- | M] () -- C:\Users\ChOpOkI\Documents\ax_files.xml [2010-07-27 16:21:56 | 000,000,631 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Wymarzone Podróże.lnk [2010-07-27 16:04:45 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Kariera.lnk [2010-07-27 14:26:48 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaC2652.html [2010-07-27 14:26:48 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempLQ2652.html [2010-07-27 00:21:17 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempTV3012.html [2010-07-27 00:21:17 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempyQ3012.html [2010-07-26 23:53:45 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempkp1816.html [2010-07-26 23:53:45 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempHz1816.html [2010-07-26 23:27:26 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-07-26 23:27:26 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-07-26 23:27:26 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-07-26 23:27:26 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-07-26 23:27:26 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-07-26 21:08:46 | 000,000,852 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\sXe Injected.lnk [2010-07-26 20:56:02 | 000,000,686 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Counter Strike 1.6 Non Steam.lnk [2010-07-26 20:56:02 | 000,000,662 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Dedicated Server.lnk [2010-07-26 20:54:00 | 000,000,457 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2010-07-26 20:52:40 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempVu1408.html 
[2010-07-26 13:27:54 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\Split Second.lnk [2010-07-26 01:48:20 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempRW3952.html [2010-07-26 01:48:20 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempjC3952.html [2010-07-26 00:43:15 | 000,000,503 | ---- | M] () -- C:\Windows\win.ini [2010-07-26 00:31:45 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempcK3624.html [2010-07-26 00:31:45 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TemplF3624.html [2010-07-25 19:29:47 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempse3584.html [2010-07-25 19:29:47 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempjZ3584.html [2010-07-21 15:14:50 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-07-20 13:02:18 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-07-18 20:04:55 | 000,001,432 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\DivX Movies.lnk [2010-07-18 20:04:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010-07-17 14:11:51 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempOO3864.html [2010-07-17 14:11:51 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempoa3864.html [2010-07-08 11:54:24 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempFy3632.html [2010-07-08 11:54:24 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempYy3632.html [2010-07-05 15:53:52 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempIc3032.html [2010-07-05 15:53:52 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaC3032.html [2010-07-02 16:58:13 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempkT1116.html [2010-07-02 16:58:13 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaX1116.html [2010-07-01 22:35:28 | 000,000,609 | ---- | M] () 
-- C:\Users\Public\Desktop\The Sims™ 3.lnk [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-31 12:08:16 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\Tempef2952.html [2010-07-31 12:08:16 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempvZ2952.html [2010-07-30 13:25:42 | 001,839,104 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\mt410.iso [2010-07-30 12:02:21 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempWh2072.html [2010-07-30 12:02:21 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempQr2072.html [2010-07-29 20:46:23 | 062,236,656 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\motherloadsetup.exe [2010-07-28 12:18:04 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempxK2972.html [2010-07-28 12:18:04 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\Tempyf2972.html [2010-07-27 16:21:56 | 000,000,631 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Wymarzone Podróże.lnk [2010-07-27 16:04:45 | 000,000,649 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Kariera.lnk [2010-07-27 15:24:42 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempVh1284.html [2010-07-27 15:24:42 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempmS1284.html [2010-07-27 12:07:22 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempaC2652.html [2010-07-27 12:07:22 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempLQ2652.html [2010-07-26 23:57:24 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempTV3012.html [2010-07-26 23:57:24 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempyQ3012.html [2010-07-26 21:22:48 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\Tempkp1816.html [2010-07-26 21:22:48 | 
000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempHz1816.html [2010-07-26 21:08:46 | 000,000,852 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\sXe Injected.lnk [2010-07-26 20:56:02 | 000,000,686 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\Counter Strike 1.6 Non Steam.lnk [2010-07-26 20:56:02 | 000,000,662 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\Dedicated Server.lnk [2010-07-26 20:54:00 | 000,000,457 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2010-07-26 13:27:54 | 000,000,675 | ---- | C] () -- C:\Users\Public\Desktop\Split Second.lnk [2010-07-26 12:52:09 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempVu1408.html [2010-07-26 00:41:15 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempRW3952.html [2010-07-26 00:41:15 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempjC3952.html [2010-07-26 00:31:15 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempcK3624.html [2010-07-26 00:31:15 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TemplF3624.html [2010-07-25 18:31:03 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\Tempse3584.html [2010-07-25 18:31:03 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempjZ3584.html [2010-07-21 15:14:50 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-07-21 15:14:43 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010-07-21 15:14:38 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-07-20 13:01:16 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-07-17 14:11:37 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempOO3864.html [2010-07-17 14:11:37 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\Tempoa3864.html [2010-07-08 11:52:23 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempYy3632.html [2010-07-08 11:52:21 | 000,002,432 | ---- | C] () -- 
C:\Users\ChOpOkI\AppData\Local\TempFy3632.html [2010-07-05 13:05:13 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempIc3032.html [2010-07-05 13:05:13 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempaC3032.html [2010-07-02 16:29:00 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempkT1116.html [2010-07-02 16:29:00 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempaX1116.html [2010-07-01 22:35:28 | 000,000,609 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk [2010-05-16 11:48:02 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-05-16 11:48:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-05-15 20:31:45 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-05-15 20:16:16 | 000,000,366 | ---- | C] () -- C:\Windows\lgfwup.ini [2010-05-15 13:40:35 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2010-05-15 13:40:34 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2010-05-15 13:40:34 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2010-05-06 16:01:59 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010-04-06 21:33:09 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-03-28 12:34:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-03-28 12:34:10 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-03-20 13:54:20 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-03-20 00:15:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-03-19 23:51:37 | 000,000,753 | ---- | C] () -- C:\Windows\ATICIM.INI [2010-03-19 22:11:21 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2010-02-03 05:22:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- 
C:\Windows\System32\xlive.dll.cat [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-11-14 06:57:54 | 000,223,744 | ---- | C] () -- C:\Windows\System32\b4fm.dll [2006-11-02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005-01-16 11:49:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2005-01-16 11:47:48 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2002-10-06 22:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2002-10-05 03:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2002-10-05 03:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2002-10-05 03:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys < End of report >[/log] [color="#FF0000"]//Logs go inside the [log][/log] tag!! //Sohei[/color] So what about this log, what is wrong?
And sorry, I didn't know it had to go inside the tag.
Sohei commented 31 July 2010 Paste this into OTL and click Run Fix.
[code]
:Processes
Explorer.exe
:OTL
O4 - HKCU..\Run: [XA5RJ9EADJ] C:\Users\ChOpOkI\AppData\Local\Temp\Zdx.exe File not found
O4 - HKCU..\Run: [Halo2] C:\Windows\System32\sshnas21.DLL File not found
O33 - MountPoints2\{1ac6f5d0-46fe-11df-bc84-0024212c6963}\Shell\AutoRun\command - "" = SEVEBOMBA/gasgas.exe
O33 - MountPoints2\{1ac6f5d0-46fe-11df-bc84-0024212c6963}\Shell\open\command - "" = SEVEBOMBA/gasgas.exe
[2010-07-29 01:19:14 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempxK2972.html
[2010-07-29 01:19:14 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempyf2972.html
[2010-07-28 00:19:18 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempVh1284.html
[2010-07-28 00:19:18 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempmS1284.html
[2010-07-27 14:26:48 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaC2652.html
[2010-07-27 14:26:48 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempLQ2652.html
[2010-07-27 00:21:17 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempTV3012.html
[2010-07-27 00:21:17 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempyQ3012.html
[2010-07-26 23:53:45 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempkp1816.html
[2010-07-26 23:53:45 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempHz1816.html
[2010-07-26 20:52:40 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempVu1408.html
[2010-07-26 01:48:20 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempRW3952.html
[2010-07-26 01:48:20 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempjC3952.html
[2010-07-26 00:31:45 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempcK3624.html
[2010-07-26 00:31:45 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TemplF3624.html
[2010-07-25 19:29:47 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempse3584.html
[2010-07-25 19:29:47 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempjZ3584.html
[2010-07-17 14:11:51 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempOO3864.html
[2010-07-17 14:11:51 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\Tempoa3864.html
[2010-07-08 11:54:24 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempFy3632.html
[2010-07-08 11:54:24 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempYy3632.html
[2010-07-05 15:53:52 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempIc3032.html
[2010-07-05 15:53:52 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaC3032.html
[2010-07-02 16:58:13 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempkT1116.html
[2010-07-02 16:58:13 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempaX1116.html
:files
C:\Windows\System32\sshnas21.DLL
C:\Users\ChOpOkI\AppData\Local\Temp\Zdx.exe
C:\Users\ChOpOkI\AppData\Local\Tempef2952.html
C:\Users\ChOpOkI\AppData\Local\TempvZ2952.html
C:\Users\ChOpOkI\AppData\Local\TempWh2072.html
C:\Users\ChOpOkI\AppData\Local\TempQr2072.html
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Run a full scan with [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Run a full scan with [url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Remove whatever they find, then post the removal logs plus a new OTL log.
luka92 commented 1 August 2010 Author (edited) Dr Web did not detect anything, but the log is too long to paste. MBAM detected two problems and removed them. [log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4052 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 2010-08-01 00:34:54 mbam-log-2010-08-01 (00-34-54).txt Typ skanowania: Pełne skanowanie (C:\|Z:\|) Przeskanowano obiektów: 229897 Upłynęło: 33 minut(y), 24 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 2 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. 
Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń) [/log] OTL log [log]OTL logfile created on: 2010-08-01 14:01:14 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\ChOpOkI\Downloads Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 25,60 Gb Total Space | 5,56 Gb Free Space | 21,73% Space Free | Partition Type: NTFS Drive D: | 88,89 Gb Total Space | 47,52 Gb Free Space | 53,46% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 1,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 6,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Drive Z: | 465,75 Gb Total Space | 294,28 Gb Free Space | 63,18% Space Free | Partition Type: NTFS Computer Name: LUKAPC Current User Name: ChOpOkI Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-31 22:57:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ChOpOkI\Downloads\OTL.exe PRC - [2010-07-23 00:02:16 | 000,945,720 | ---- | M] (Google Inc.) 
-- C:\Users\ChOpOkI\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-07-21 15:14:38 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-06-13 12:04:44 | 000,988,632 | ---- | M] (Crystal Dew World) -- C:\Program Files\CrystalDiskInfo\DiskInfo.exe PRC - [2010-06-03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-05-15 20:16:58 | 000,557,056 | ---- | M] (BitLeader) -- C:\Program Files\lg_fwupdate\fwupdate.exe PRC - [2010-03-20 13:50:48 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\ChOpOkI\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe PRC - [2010-03-13 06:54:28 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-03 06:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010-02-03 06:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010-02-03 00:25:08 | 000,389,120 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe PRC - [2010-02-03 00:24:26 | 000,385,024 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-04-22 18:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) 
-- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-22 18:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009-04-11 00:28:16 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 00:28:10 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 00:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-11 00:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-04-11 00:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 00:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 00:28:00 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 00:28:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 00:27:50 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 00:27:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-27 22:37:24 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009-01-27 22:30:20 | 002,387,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2008-02-28 17:39:08 | 002,049,320 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHGui.exe PRC - [2008-02-28 17:39:08 | 
000,053,032 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe PRC - [2008-02-28 17:38:58 | 001,440,552 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe PRC - [2008-01-19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-19 00:33:20 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe PRC - [2008-01-19 00:33:16 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-19 00:33:16 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2008-01-19 00:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2007-09-28 14:32:40 | 000,318,976 | ---- | M] (BySoft) -- C:\Program Files\BySoft FreeRAM\FreeRAM.exe PRC - [2007-05-14 04:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2007-01-02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-12-10 21:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-12-10 21:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006-05-24 08:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) 
-- C:\Windows\System32\StkASv2K.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-31 22:57:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ChOpOkI\Downloads\OTL.exe MOD - [2010-02-03 00:24:58 | 000,245,760 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraGH.dll MOD - [2010-02-03 00:24:30 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDMH.dll MOD - [2009-04-11 00:28:26 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-04-11 00:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 00:28:26 | 001,167,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2009-04-11 00:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 00:28:26 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 00:28:26 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 00:28:26 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-04-11 00:28:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-11 00:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 00:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 00:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 00:28:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-04-11 00:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\samlib.dll MOD - [2009-04-11 00:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 00:28:24 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-04-11 00:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 00:28:24 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 00:28:24 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 00:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 00:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 00:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 00:28:22 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 00:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 00:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 00:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 00:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 00:28:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 00:28:20 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2009-04-11 00:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 00:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 00:28:18 | 000,171,008 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 00:27:50 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-04-11 00:27:14 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-04-11 00:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-19 00:37:14 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-19 00:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-19 00:36:48 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-19 00:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-19 00:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-19 00:34:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2008-01-19 00:34:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2008-01-19 00:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-19 00:33:46 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2008-01-19 00:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil 
Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-02-03 06:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2008-02-28 17:39:08 | 000,053,032 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv) SRV - [2008-02-28 17:38:58 | 001,440,552 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrvR) SRV - [2008-01-19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006-05-24 08:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) 
[Auto | Running] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mtk.sys -- (MTK) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO) DRV - File not found [File_System | Unknown | Running] -- -- (DwProt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ChOpOkI\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\atBIOS\ATIToolNew\atidgllk.sys -- (atidgllk) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\AmdLLD.sys -- (AmdLLD) DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - 
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-06-28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-03-28 12:34:10 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-28 12:34:10 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-03-20 13:54:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-03-13 06:45:36 | 003,036,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-02-23 11:51:14 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2010-02-23 11:51:14 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010-02-03 06:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2010-02-03 05:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010-01-28 16:33:28 | 000,097,792 | ---- | M] (ATI Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-11-29 02:38:27 | 000,094,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice) DRV - [2009-04-10 22:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2009-03-27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2009-02-09 03:32:16 | 000,022,328 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008-08-06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-28 15:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008-02-28 17:38:58 | 000,040,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm) DRV - [2008-02-28 17:38:48 | 000,128,424 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2008-02-28 17:38:48 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007-12-14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS) DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-09-27 05:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006-08-02 08:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan) DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found. O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [BySoft FreeRAM] C:\Program Files\BySoft FreeRAM\FreeRAM.exe (BySoft) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [Grid] C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe () O4 - HKCU..\Run: [HDD Observer] C:\Program Files\HDD Observer\HDD Observer.exe File not found O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\ChOpOkI\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\ChOpOkI\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{57253830-9c8b-11df-9c84-0024212c6963}\Shell\AutoRun\command - "" = I:\Toshiba\Launcher\start.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: 
Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: 
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - 
NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-07-31 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\DoctorWeb [2010-07-31 22:58:09 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-31 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\AppData\Roaming\Malwarebytes [2010-07-31 19:51:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010-07-31 19:51:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010-07-31 19:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-07-31 19:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-07-26 21:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\sXe Injected [2010-07-26 17:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVIConverter [2010-07-26 14:05:49 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\EA Games [2010-07-26 13:32:07 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Documents\Disney Interactive Studios [2010-07-26 01:30:47 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\Application Data [2010-07-26 01:08:05 | 000,000,000 | ---D | C] 
-- C:\Program Files\iOrgSoft [2010-07-26 00:48:03 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\AppData\Roaming\Broad Intelligence [2010-07-21 15:14:37 | 000,000,000 | ---D | C] -- C:\Users\ChOpOkI\AppData\Local\PunkBuster [2010-07-02 14:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-08-01 14:02:34 | 003,145,728 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT [2010-08-01 13:55:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1761140026-1881255608-711954670-1000UA.job [2010-08-01 13:40:08 | 000,006,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-08-01 13:40:08 | 000,006,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-08-01 12:55:01 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1761140026-1881255608-711954670-1000Core.job [2010-08-01 12:15:40 | 000,000,366 | ---- | M] () -- C:\Windows\lgfwup.ini [2010-08-01 11:41:36 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempSE3076.html [2010-08-01 11:41:36 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempEQ3076.html [2010-08-01 11:40:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-08-01 11:40:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-08-01 11:40:04 | 2146,623,488 | -HS- | M] () -- C:\hiberfil.sys [2010-08-01 00:37:35 | 000,524,288 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms [2010-08-01 00:37:35 | 000,065,536 | -HS- | M] () -- C:\Users\ChOpOkI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf [2010-08-01 00:37:19 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempRi2164.html [2010-08-01 00:37:19 | 000,002,089 | ---- | M] () -- 
C:\Users\ChOpOkI\AppData\Local\TempVL2164.html [2010-08-01 00:37:09 | 003,561,337 | -H-- | M] () -- C:\Users\ChOpOkI\AppData\Local\IconCache.db [2010-07-31 22:58:09 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempJx1396.html [2010-07-31 22:58:09 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempYW1396.html [2010-07-31 22:56:24 | 000,065,752 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\GDIPFONTCACHEV1.DAT [2010-07-31 22:55:25 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ChOpOkI.job [2010-07-31 22:55:11 | 000,267,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-07-31 20:41:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010-07-31 20:41:29 | 000,042,496 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-31 19:51:26 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-07-31 17:02:01 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-07-31 17:02:01 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-07-31 17:02:01 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-07-31 17:02:01 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-07-31 17:02:01 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-07-30 22:55:38 | 000,002,052 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Google Chrome.lnk [2010-07-27 16:48:28 | 000,004,317 | ---- | M] () -- C:\Users\ChOpOkI\Documents\ax_files.xml [2010-07-27 16:21:56 | 000,000,631 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Wymarzone Podróże.lnk [2010-07-27 16:04:45 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Kariera.lnk [2010-07-26 21:08:46 | 000,000,852 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\sXe Injected.lnk [2010-07-26 20:56:02 | 000,000,686 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Counter Strike 1.6 Non Steam.lnk 
[2010-07-26 20:56:02 | 000,000,662 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\Dedicated Server.lnk [2010-07-26 20:54:00 | 000,000,457 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2010-07-26 13:27:54 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\Split Second.lnk [2010-07-26 00:43:15 | 000,000,503 | ---- | M] () -- C:\Windows\win.ini [2010-07-21 15:14:50 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-07-20 13:02:18 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-07-18 20:04:55 | 000,001,432 | ---- | M] () -- C:\Users\ChOpOkI\Desktop\DivX Movies.lnk [2010-07-18 20:04:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-01 11:41:36 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempSE3076.html [2010-08-01 11:41:36 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempEQ3076.html [2010-07-31 23:01:20 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempRi2164.html [2010-07-31 23:01:20 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempVL2164.html [2010-07-31 22:57:26 | 000,002,432 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempJx1396.html [2010-07-31 22:57:26 | 000,002,089 | ---- | C] () -- C:\Users\ChOpOkI\AppData\Local\TempYW1396.html [2010-07-31 19:51:26 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-07-30 13:25:42 | 001,839,104 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\mt410.iso [2010-07-29 20:46:23 | 062,236,656 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\motherloadsetup.exe [2010-07-27 16:21:56 | 000,000,631 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Wymarzone Podróże.lnk [2010-07-27 16:04:45 | 000,000,649 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Kariera.lnk [2010-07-26 21:08:46 | 000,000,852 | ---- | C] () -- 
C:\Users\ChOpOkI\Desktop\sXe Injected.lnk [2010-07-26 20:56:02 | 000,000,686 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\Counter Strike 1.6 Non Steam.lnk [2010-07-26 20:56:02 | 000,000,662 | ---- | C] () -- C:\Users\ChOpOkI\Desktop\Dedicated Server.lnk [2010-07-26 20:54:00 | 000,000,457 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2010-07-26 13:27:54 | 000,000,675 | ---- | C] () -- C:\Users\Public\Desktop\Split Second.lnk [2010-07-21 15:14:50 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-07-21 15:14:43 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010-07-21 15:14:38 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-07-20 13:01:16 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-05-16 11:48:02 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-05-16 11:48:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-05-15 20:31:45 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-05-15 20:16:16 | 000,000,366 | ---- | C] () -- C:\Windows\lgfwup.ini [2010-05-15 13:40:35 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2010-05-15 13:40:34 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2010-05-15 13:40:34 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2010-05-06 16:01:59 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010-04-06 21:33:09 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-03-28 12:34:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-03-28 12:34:10 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-03-20 13:54:20 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-03-20 00:15:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-03-19 23:51:37 | 000,000,753 | ---- | C] () -- 
C:\Windows\ATICIM.INI [2010-03-19 22:11:21 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2010-02-03 05:22:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-11-14 06:57:54 | 000,223,744 | ---- | C] () -- C:\Windows\System32\b4fm.dll [2006-11-02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005-01-16 11:49:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2005-01-16 11:47:48 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2002-10-06 22:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2002-10-05 03:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2002-10-05 03:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2002-10-05 03:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll 
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-05-12 19:29:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2009-04-11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2010-03-19 16:22:47 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010-05-12 20:27:31 | 000,000,066 | ---- | M] () -- C:\cme.cfg [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-05-12 21:37:20 | 000,171,136 | RHS- | M] () -- C:\grldr [2010-08-01 11:40:04 | 2146,623,488 | -HS- | M] () -- C:\hiberfil.sys [2010-05-06 15:25:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-06-23 17:16:41 | 000,014,227 | ---- | M] () -- C:\LU4.log [2010-05-06 15:25:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-14 00:01:44 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010-08-01 11:40:03 | 2460,430,336 | -HS- | M] () -- C:\pagefile.sys < End of report > [/log] Is there anything else I need to do, or is everything OK now? Thanks in advance for the help, because the problem has disappeared.
Sohei commented on 1 August 2010
[code]
:Processes
Explorer.exe
:OTL
[2010-08-01 11:41:36 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempSE3076.html
[2010-08-01 11:41:36 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempEQ3076.html
[2010-08-01 00:37:19 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempRi2164.html
[2010-08-01 00:37:19 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempVL2164.html
[2010-08-01 00:37:09 | 003,561,337 | -H-- | M] () -- C:\Users\ChOpOkI\AppData\Local\IconCache.db
[2010-07-31 22:58:09 | 000,002,432 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempJx1396.html
[2010-07-31 22:58:09 | 000,002,089 | ---- | M] () -- C:\Users\ChOpOkI\AppData\Local\TempYW1396.html
:files
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Put this into OTL and run the fix. That will be all :)
luka92 (author) commented on 1 August 2010
Thanks a lot. In that case the topic can be closed.