elizawgwldz posted 19 August 2010

Hello. Trojan Killer detected herss.exe on my computer; it is very troublesome for me. I generated logs in OTL following the instructions given here in the pinned topics. I would be very grateful if you could look through them, give some simple explanation of them, and help. Regards

[log]OTL logfile created on: 2010-08-19 17:41:01 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Lucyna Kocon\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
255,00 Mb Total Physical Memory | 75,00 Mb Available Physical Memory | 29,00% Memory free
714,00 Mb Paging File | 360,00 Mb Available in Paging File | 50,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,95 Gb Total Space | 0,88 Gb Free Space | 5,86% Space Free | Partition Type: NTFS
Drive D: | 75,48 Gb Total Space | 53,95 Gb Free Space | 71,47% Space Free | Partition Type: FAT32
Drive E: | 29,30 Gb Total Space | 25,34 Gb Free Space | 86,47% Space Free | Partition Type: NTFS
Drive F: | 29,29 Gb Total Space | 27,34 Gb Free Space | 93,35% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DOMM
Current User Name: Lucyna Kocon
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe PRC - [2010-07-18 15:55:30 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010-06-09 10:06:33 | 000,976,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2010-02-22 13:42:40 | 026,101,032 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010-02-22 13:42:40 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010-02-02 00:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-02-02 00:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-11-24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) 
-- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe PRC - [2009-11-20 11:17:12 | 000,434,176 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe PRC - [2007-04-16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-11-09 11:35:58 | 003,063,808 | ---- | M] () -- C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe PRC - [2004-08-04 01:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe MOD - [2010-04-16 17:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 
001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 
Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2008-09-24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008-05-16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008-05-16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008-05-16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008-05-16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- 
C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9 FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.62 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components 
[2010-07-25 00:50:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-25 00:50:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-08-19 11:52:07 | 000,000,000 | ---D | M] [2010-02-27 18:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Extensions [2010-08-19 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions [2010-08-04 23:52:12 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-06-02 23:42:47 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-04-08 23:08:25 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2010-08-04 23:52:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} [2010-08-04 23:52:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-06-29 12:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010-08-04 23:52:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents 
and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-02 17:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010-06-08 23:00:34 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\searchplugins\conduit.xml [2010-08-19 17:26:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-02-27 18:34:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-f7ed0776fb27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-F7ED0776FB27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [Cmaudio] File not found O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [cdoosoft] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\herss.exe File not found O4 - HKCU..\Run: [dso32] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\dsoqq.exe File not found O4 - HKCU..\Run: [nod32] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\nodqq.exe File not found O4 - HKCU..\Run: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe () O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - Startup: C:\Documents and Settings\Lucyna Kocon\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.31.148.1 78.31.144.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found 
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group 
SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-19 11:56:05 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\ESET [2010-08-19 11:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\ESET [2010-08-19 11:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-08-19 11:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-08-19 11:48:35 | 006,986,501 | ---- | C] (Franmo Software ) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\odk12.4.0.30setup(dobreprogramy.pl).exe [2010-08-17 02:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Pulpit\skróty [2010-08-17 00:39:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\Downloads [2010-08-17 00:37:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\BitTorrent [2010-08-17 00:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent [2010-08-10 02:49:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs [2010-08-10 02:45:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2010-08-10 02:28:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-08-10 02:24:35 | 000,000,000 | ---D | C] -- C:\ERDNT [2010-08-10 02:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2010-08-10 02:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-08-10 02:24:22 | 000,000,000 | ---D | C] -- C:\!FixIEDef [2010-08-10 02:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\HDCleaner [2010-08-09 12:21:21 | 000,000,000 | ---D | C] -- C:\_OTL [2010-08-09 12:19:45 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe [2010-08-08 03:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\.oit [2010-08-07 17:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kroll Ontrack [2010-08-07 15:18:20 | 000,000,000 | ---D 
| C] -- C:\Program Files\DiskGenius [2010-08-07 14:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\PandoraRecovery [2010-08-07 14:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Pandora Recovery [2010-08-04 11:50:36 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [2010-07-28 14:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars [2010-07-18 15:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google [2010-07-18 15:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2010-07-16 13:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-07-07 16:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\ForceField Shared Files [2010-07-07 16:54:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\CheckPoint [2010-07-07 16:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit [2010-07-07 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010-07-07 16:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2010-06-29 13:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\dwhelper [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-19 17:30:09 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\RSIT.exe [2010-08-19 17:10:06 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-08-19 17:07:51 | 000,000,894 
| ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-08-19 17:07:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-19 17:07:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-19 17:07:40 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys [2010-08-19 12:49:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-19 11:48:59 | 006,986,501 | ---- | M] (Franmo Software ) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\odk12.4.0.30setup(dobreprogramy.pl).exe [2010-08-19 11:47:39 | 043,806,720 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ess_trial_nt32_plk.msi [2010-08-19 10:37:09 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\Lucyna Kocon\NTUSER.DAT [2010-08-19 10:36:56 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Lucyna Kocon\ntuser.ini [2010-08-19 00:18:41 | 003,234,358 | -H-- | M] () -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-18 19:31:47 | 000,014,613 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\The_Soviet_Story_ 2008 _[DVDRip XviD-LAP]_[Napisy_PL][Torrenty.org].torrent [2010-08-17 10:26:41 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part4.rar [2010-08-17 02:13:08 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part3.rar [2010-08-17 01:41:24 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part2.rar [2010-08-17 01:11:10 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part1.rar [2010-08-17 00:37:27 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk [2010-08-16 00:14:55 | 000,051,321 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja Totek i Josin.jpg 
[2010-08-16 00:12:32 | 000,039,910 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja i Toteczek.jpg [2010-08-15 13:59:20 | 000,846,484 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00533.JPG [2010-08-15 13:56:28 | 000,794,086 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00532.JPG [2010-08-15 13:56:16 | 000,757,276 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00531.JPG [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe [2010-08-08 02:54:31 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [2010-07-18 15:53:13 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\IrfanView.lnk [2010-07-07 16:52:48 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2010-06-20 20:59:47 | 002,981,182 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020408.JPG [2010-06-20 20:57:58 | 003,138,923 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020399.JPG [2010-06-20 20:55:39 | 001,948,139 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020290.JPG [2010-06-20 20:54:17 | 003,709,858 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020396.JPG [2010-06-20 20:52:18 | 002,344,752 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje 
dokumenty\P1020252.JPG [2010-06-20 20:49:09 | 000,689,198 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\10062010060.jpg [2010-06-20 20:49:09 | 000,096,789 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\27868_115734341803881_100001019476981_95349_700502_n.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-19 17:29:53 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\RSIT.exe [2010-08-19 11:44:22 | 043,806,720 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ess_trial_nt32_plk.msi [2010-08-18 19:31:40 | 000,014,613 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\The_Soviet_Story_ 2008 _[DVDRip XviD-LAP]_[Napisy_PL][Torrenty.org].torrent [2010-08-17 10:13:58 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part4.rar [2010-08-17 02:00:02 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part3.rar [2010-08-17 01:28:25 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part2.rar [2010-08-17 00:58:11 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part1.rar [2010-08-17 00:37:27 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk [2010-08-16 00:14:55 | 000,051,321 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja Totek i Josin.jpg [2010-08-16 00:12:32 | 000,039,910 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja i Toteczek.jpg [2010-08-15 13:59:20 | 000,846,484 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00533.JPG [2010-08-15 13:56:28 | 000,794,086 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00532.JPG [2010-08-15 13:56:16 | 000,757,276 
| ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00531.JPG [2010-08-07 17:45:20 | 000,000,634 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF [2010-07-18 15:53:13 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\IrfanView.lnk [2010-06-20 20:58:15 | 002,981,182 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020408.JPG [2010-06-20 20:56:20 | 003,138,923 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020399.JPG [2010-06-20 20:54:39 | 001,948,139 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020290.JPG [2010-06-20 20:52:23 | 003,709,858 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020396.JPG [2010-06-20 20:51:05 | 002,344,752 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\P1020252.JPG [2010-06-20 20:48:45 | 000,096,789 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\27868_115734341803881_100001019476981_95349_700502_n.jpg [2010-06-20 20:48:10 | 000,689,198 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\10062010060.jpg [2010-05-09 14:10:00 | 000,000,160 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2010-04-25 23:58:49 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-04-25 23:58:49 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-27 18:36:11 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-02-19 02:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [color=#E56717]========== LOP Check ==========[/color] [2010-03-03 22:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-08-19 11:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-08-08 03:19:22 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\.oit [2010-08-19 01:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\BitTorrent [2010-07-07 16:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\CheckPoint [2010-08-19 11:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\ESET [2010-07-18 22:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Nowe Gadu-Gadu [2010-03-14 17:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\OpenOffice.org [2010-08-07 14:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\PandoraRecovery [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-06-14 18:21:42 | 000,116,736 | RHS- | M] () -- C:\2ul.exe [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-02-27 17:33:46 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-08-19 17:07:40 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys [2010-02-27 17:40:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-27 17:40:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-08-19 17:30:36 | 502,972,416 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- 
C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\agp440.sys [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- 
C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2010-08-19 17:41:01 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Lucyna Kocon\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,00 Mb Total Physical Memory | 75,00 Mb Available Physical Memory | 29,00% Memory free 714,00 Mb Paging File | 360,00 Mb Available in Paging File | 50,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: 
| 14,95 Gb Total Space | 0,88 Gb Free Space | 5,86% Space Free | Partition Type: NTFS Drive D: | 75,48 Gb Total Space | 53,95 Gb Free Space | 71,47% Space Free | Partition Type: FAT32 Drive E: | 29,30 Gb Total Space | 25,34 Gb Free Space | 86,47% Space Free | Partition Type: NTFS Drive F: | 29,29 Gb Total Space | 27,34 Gb Free Space | 93,35% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOMM Current User Name: Lucyna Kocon Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000000-5736-4205-1000-F7ED0776FB27}" = Steganos Internet Anonym 2006 (8.0.1) "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5 "{A9179A20-2862-11D5-8CC2-00C0CA129740}" = Test Drive 6 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1" = DiskGenius 3.3 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Applian FLV Player2.0.24" = Applian FLV Player "Ask Toolbar_is1" = ZoneAlarm Spy Blocker Toolbar "BitTorrent" = BitTorrent "C-Media Audio Driver" = C-Media WDM Audio Driver "ESET Online Scanner" = ESET Online Scanner v3 "HDCleaner" = HDCleaner "IrfanView" = 
IrfanView (remove only) "mIRC" = mIRC "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "PandoraRecovery" = PandoraRecovery (Remove Only) "Testy B 2009_is1" = Testy B 2009 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-07 20:42:39 | Computer Name = DOMM | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3855, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-08-07 20:42:52 | Computer Name = DOMM | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3855, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-08-07 20:43:02 | Computer Name = DOMM | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3855, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-08-07 20:43:15 | Computer Name = DOMM | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3855, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. 
Error - 2010-08-08 07:10:28 | Computer Name = DOMM | Source = Google Update | ID = 20 Description = Error - 2010-08-09 05:37:10 | Computer Name = DOMM | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3855, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x0000100b. Error - 2010-08-19 05:18:51 | Computer Name = DOMM | Source = MsiInstaller | ID = 11905 Description = Product: Ontrack EasyRecovery Professional Trial -- Error 1905.Module C:\Program Files\Kroll Ontrack\Ontrack EasyRecovery Professional Trial\WordRepair.dll failed to unregister. HRESULT . Contact your support personnel. Error - 2010-08-19 05:18:52 | Computer Name = DOMM | Source = MsiInstaller | ID = 11905 Description = Product: Ontrack EasyRecovery Professional Trial -- Error 1905.Module C:\Program Files\Kroll Ontrack\Ontrack EasyRecovery Professional Trial\PowerPointRepair.dll failed to unregister. HRESULT . Contact your support personnel. Error - 2010-08-19 05:18:53 | Computer Name = DOMM | Source = MsiInstaller | ID = 11905 Description = Product: Ontrack EasyRecovery Professional Trial -- Error 1905.Module C:\Program Files\Kroll Ontrack\Ontrack EasyRecovery Professional Trial\ExcelRepair.dll failed to unregister. HRESULT . Contact your support personnel. Error - 2010-08-19 11:14:56 | Computer Name = DOMM | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3855, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2010-08-07 17:09:39 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:09:43 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. 
Error - 2010-08-07 17:09:46 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:09:49 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:09:53 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:09:56 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:09:59 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:10:03 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:10:06 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2010-08-07 17:10:09 | Computer Name = DOMM | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. < End of report > [/log]

[color="#FF0000"]//Since you read the pinned topics, why didn't you put the logs in tags? //I am fixing this for the first and last time.
//Tom01[/color]

P.S. I'm no expert, but it seems to me that besides herss there is something else causing problems. If I'm to say more precisely how the computer makes my life difficult, I'll try to list what comes to mind right now: of course it freezes; Mozilla freezes (but in a rather spiteful way: one day it won't freeze once all day, another day it gets such bouts that it can't be used at all); pages often go back by themselves while browsing in Mozilla; the computer doesn't see the CD-ROM; hidden files can't be displayed; CPU usage suddenly jumps to 100%; if I right-click, for example, a folder to see its properties, it thinks for a verrrry long time, and sometimes I have to try several times; maybe 2-3 times I couldn't finish installing a program, the installation progress bars simply disappeared halfway through and I couldn't do anything further; and in general, as usual, I have to add that the computer is sluggish and chokes. I will be really grateful for any interest in this topic and for help. Thank you.
Tomek01 commented 19 August 2010

Use [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with your pendrive or other USB storage devices plugged in. In OTL, paste the following into the Custom scan/fixes window:

[code]:Processes
Explorer.exe
:OTL
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q="
[2010-06-08 23:00:34 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\searchplugins\conduit.xml
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-f7ed0776fb27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-F7ED0776FB27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKCU..\Run: [cdoosoft] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\herss.exe File not found
O4 - HKCU..\Run: [dso32] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\dsoqq.exe File not found
O4 - HKCU..\Run: [nod32] C:\DOCUME~1\LUCYNA~1\USTAWI~1\Temp\nodqq.exe File not found
O4 - HKCU..\Run: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
:Files
C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit
C:\Program Files\Conduit
:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix; the computer restarts. Post the removal log plus new OTL and RSIT logs (in tags!!!).
elizawgwldz (Author) commented 19 August 2010

Removal log from OTL: [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Prefs.js: "ZoneAlarm Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=" removed from keyword.URL C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\searchplugins\conduit.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{00000000-5736-4205-0008-f7ed0776fb27} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-5736-4205-0008-f7ed0776fb27}\ deleted successfully. c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-5736-4205-0008-F7ED0776FB27} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-5736-4205-0008-F7ED0776FB27}\ not found. File c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ deleted successfully. 
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dso32 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SIA2006 deleted successfully. C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe moved successfully. ========== FILES ========== C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Toolbar\Facebook folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Toolbar folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\Log folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\LanguagePacks folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\Feeds folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts folder moved successfully. C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Conduit folder moved successfully. C:\Program Files\Conduit\Community Alerts folder moved successfully. C:\Program Files\Conduit folder moved successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 1015148 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Lucyna Kocon ->Temp folder emptied: 145015979 bytes ->Temporary Internet Files folder emptied: 9292774 bytes ->FireFox cache emptied: 43330771 bytes ->Flash cache emptied: 4600 bytes User: NetworkService ->Temp folder emptied: 2032396 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1468074057 bytes RecycleBin emptied: 417271228 bytes Total Files Cleaned = 1 989,00 mb OTL by OldTimer - Version 3.2.9.1 log created on 08192010_184111 Files\Folders moved on Reboot... 
Registry entries deleted on Reboot...[/log]

New log from OTL: [log]OTL logfile created on: 2010-08-19 18:55:07 - Run 2 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Lucyna Kocon\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,00 Mb Total Physical Memory | 41,00 Mb Available Physical Memory | 16,00% Memory free 618,00 Mb Paging File | 244,00 Mb Available in Paging File | 40,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,95 Gb Total Space | 2,58 Gb Free Space | 17,28% Space Free | Partition Type: NTFS Drive D: | 75,48 Gb Total Space | 53,95 Gb Free Space | 71,47% Space Free | Partition Type: FAT32 Drive E: | 29,30 Gb Total Space | 25,34 Gb Free Space | 86,47% Space Free | Partition Type: NTFS Drive F: | 29,29 Gb Total Space | 27,34 Gb Free Space | 93,35% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOMM Current User Name: Lucyna Kocon Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe PRC - [2010-07-25 00:49:49 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-18 15:55:30 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010-06-09 10:06:33 | 000,976,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2010-02-22 13:42:40 | 026,101,032 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010-02-22 13:42:40 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010-02-02 00:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-02-02 00:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-11-24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) 
-- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe PRC - [2009-11-20 11:17:12 | 000,434,176 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe PRC - [2007-04-16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe PRC - [2006-03-02 14:00:00 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 01:55:54 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe MOD - [2010-04-16 17:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 14:00:00 | 
001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 
000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2008-09-24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008-05-16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008-05-16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008-05-16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008-05-16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- 
C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-507921405-1343024091-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-507921405-1343024091-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9 FF - prefs.js..extensions.enabledItems: 
{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.62 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-19 18:27:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-25 00:50:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-08-19 11:52:07 | 000,000,000 | ---D | M] [2010-02-27 18:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Extensions [2010-08-19 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions [2010-08-04 23:52:12 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-06-02 23:42:47 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-04-08 23:08:25 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2010-08-04 23:52:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} [2010-08-04 23:52:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-06-29 12:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane 
aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010-08-04 23:52:15 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-02 17:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Mozilla\Firefox\Profiles\9zrt9k2g.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010-08-19 17:26:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-02-27 18:34:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found. O3 - HKU\S-1-5-21-507921405-1343024091-682003330-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Cmaudio] File not found O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-507921405-1343024091-682003330-1004..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB) O4 - HKU\S-1-5-21-507921405-1343024091-682003330-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKU\.DEFAULT..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found O4 - HKU\S-1-5-18..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found O4 - Startup: C:\Documents and Settings\Lucyna Kocon\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-1343024091-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Secure Surfing Engine\sselsp.dll () O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.31.148.1 78.31.144.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot 
Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group 
SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-08-19 18:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-08-19 18:23:16 | 000,000,000 | ---D | C] -- C:\rsit [2010-08-19 11:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\ESET [2010-08-19 11:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\ESET [2010-08-19 11:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-08-19 11:52:00 | 000,000,000 | ---D | C] -- 
C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-08-19 11:48:35 | 006,986,501 | ---- | C] (Franmo Software ) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\odk12.4.0.30setup(dobreprogramy.pl).exe [2010-08-17 02:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Pulpit\skróty [2010-08-17 00:39:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Moje dokumenty\Downloads [2010-08-17 00:37:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\BitTorrent [2010-08-17 00:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent [2010-08-10 02:49:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs [2010-08-10 02:45:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2010-08-10 02:28:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-08-10 02:24:35 | 000,000,000 | ---D | C] -- C:\ERDNT [2010-08-10 02:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2010-08-10 02:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-08-10 02:24:22 | 000,000,000 | ---D | C] -- C:\!FixIEDef [2010-08-10 02:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\HDCleaner [2010-08-09 12:21:21 | 000,000,000 | ---D | C] -- C:\_OTL [2010-08-09 12:19:45 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe [2010-08-08 03:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\.oit [2010-08-07 17:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kroll Ontrack [2010-08-07 15:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\DiskGenius [2010-08-07 14:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\PandoraRecovery [2010-08-07 14:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Pandora Recovery [2010-08-04 11:50:36 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | C] (ESET) -- 
C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [2010-07-28 14:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-08-19 18:43:40 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-08-19 18:43:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-19 18:43:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-19 18:43:30 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys [2010-08-19 18:42:24 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\Lucyna Kocon\NTUSER.DAT [2010-08-19 18:42:00 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Lucyna Kocon\ntuser.ini [2010-08-19 18:09:18 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-08-19 17:30:09 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\RSIT.exe [2010-08-19 12:49:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-19 11:48:59 | 006,986,501 | ---- | M] (Franmo Software ) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\odk12.4.0.30setup(dobreprogramy.pl).exe [2010-08-19 11:47:39 | 043,806,720 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ess_trial_nt32_plk.msi [2010-08-19 00:18:41 | 003,234,358 | -H-- | M] () -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-18 19:31:47 | 000,014,613 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\The_Soviet_Story_ 2008 _[DVDRip XviD-LAP]_[Napisy_PL][Torrenty.org].torrent [2010-08-17 10:26:41 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna 
Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part4.rar [2010-08-17 02:13:08 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part3.rar [2010-08-17 01:41:24 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part2.rar [2010-08-17 01:11:10 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part1.rar [2010-08-17 00:37:27 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk [2010-08-16 00:14:55 | 000,051,321 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja Totek i Josin.jpg [2010-08-16 00:12:32 | 000,039,910 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja i Toteczek.jpg [2010-08-15 13:59:20 | 000,846,484 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00533.JPG [2010-08-15 13:56:28 | 000,794,086 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00532.JPG [2010-08-15 13:56:16 | 000,757,276 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00531.JPG [2010-08-09 12:19:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucyna Kocon\Pulpit\OTL.exe [2010-08-08 02:54:31 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Lucyna Kocon\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys [2010-08-03 13:28:36 | 000,055,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys [color=#E56717]========== Files 
Created - No Company Name ==========[/color] [2010-08-19 17:29:53 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\RSIT.exe [2010-08-19 11:44:22 | 043,806,720 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ess_trial_nt32_plk.msi [2010-08-18 19:31:40 | 000,014,613 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\The_Soviet_Story_ 2008 _[DVDRip XviD-LAP]_[Napisy_PL][Torrenty.org].torrent [2010-08-17 10:13:58 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part4.rar [2010-08-17 02:00:02 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part3.rar [2010-08-17 01:28:25 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part2.rar [2010-08-17 00:58:11 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\Neon_Genesis_Death_and_Rebirth___pl_subs.part1.rar [2010-08-17 00:37:27 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk [2010-08-16 00:14:55 | 000,051,321 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja Totek i Josin.jpg [2010-08-16 00:12:32 | 000,039,910 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\ja i Toteczek.jpg [2010-08-15 13:59:20 | 000,846,484 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00533.JPG [2010-08-15 13:56:28 | 000,794,086 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00532.JPG [2010-08-15 13:56:16 | 000,757,276 | ---- | C] () -- C:\Documents and Settings\Lucyna Kocon\Pulpit\DSC00531.JPG [2010-08-07 17:45:20 | 000,000,634 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF [2010-05-09 14:10:00 | 000,000,160 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2010-04-25 23:58:49 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-04-25 
23:58:49 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-27 18:36:11 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-02-19 02:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [color=#E56717]========== LOP Check ==========[/color] [2010-03-03 22:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-08-19 11:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-08-08 03:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\.oit [2010-08-19 01:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\BitTorrent [2010-07-07 16:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\CheckPoint [2010-08-19 11:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\ESET [2010-07-18 22:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Nowe Gadu-Gadu [2010-03-14 17:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\OpenOffice.org [2010-08-07 14:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\PandoraRecovery [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-06-14 18:21:42 | 000,116,736 | RHS- | M] () -- C:\2ul.exe [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-02-27 17:33:46 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-27 17:40:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-08-19 18:43:30 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys [2010-02-27 
17:40:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-27 17:40:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-08-19 18:43:30 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\agp440.sys [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- 
C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log] New log from RSIT: [log]Logfile of random's system information tool 1.08 (written by 
random/random) Run by Lucyna Kocon at 2010-08-19 18:47:34 Microsoft Windows XP Home Edition Dodatek Service Pack 2 System drive C: has 3 GB (17%) free of 15 GB Total RAM: 255 MB (2% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:49:55, on 2010-08-19 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\notepad.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Documents and Settings\Lucyna Kocon\Pulpit\RSIT.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\trend micro\Lucyna Kocon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: 
Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - 
HKUS\.DEFAULT\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'Default user') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{3FAE80D5-B86A-43BB-BF98-CE04BF55E5F0}: NameServer = 78.31.148.1,78.31.144.3 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- End of file - 5755 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-18 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-18 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {3041d03e-fd4b-44e0-b742-2d9b88305f98} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-18 278192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032] "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-18 39408] C:\Documents and Settings\Lucyna Kocon\Menu Start\Programy\Autostart OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program 
Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-08-19 18:23:21 ----D---- C:\Program Files\trend micro 2010-08-19 18:23:16 ----D---- C:\rsit 2010-08-19 11:56:05 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\ESET 2010-08-19 11:52:00 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ESET 2010-08-17 00:37:26 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\BitTorrent 2010-08-17 00:37:21 ----D---- C:\Program Files\BitTorrent 2010-08-10 02:49:00 ----D---- C:\WINDOWS\Internet Logs 2010-08-10 02:28:10 ----HD---- C:\WINDOWS\PIF 2010-08-10 02:24:35 ----D---- C:\ERDNT 2010-08-10 02:24:32 ----D---- C:\WINDOWS\ERUNT 2010-08-10 02:24:32 ----D---- C:\WINDOWS\ERDNT 2010-08-10 02:24:22 ----D---- C:\!FixIEDef 2010-08-10 02:19:40 ----D---- C:\Program Files\HDCleaner 2010-08-09 12:21:21 ----D---- C:\_OTL 2010-08-08 03:18:10 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\.oit 2010-08-07 17:44:50 ----D---- C:\Program Files\Kroll Ontrack 2010-08-07 15:18:20 ----D---- C:\Program Files\DiskGenius 2010-08-07 14:58:58 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\PandoraRecovery 2010-08-07 14:58:47 ----D---- C:\Program Files\Pandora Recovery 2010-08-04 11:50:36 ----A---- C:\WINDOWS\system32\drivers\eamon.sys 2010-08-03 13:28:36 ----A---- C:\WINDOWS\system32\drivers\epfwtdi.sys 2010-07-29 13:31:26 ----A---- C:\WINDOWS\system32\drivers\epfwndis.sys 2010-07-29 13:31:26 ----A---- C:\WINDOWS\system32\drivers\epfw.sys 2010-07-29 13:31:26 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys 2010-07-28 14:45:36 ----D---- C:\Program Files\PokerStars ======List of files/folders modified in the last 1 months====== 2010-08-19 18:50:42 
----D---- C:\WINDOWS\Temp 2010-08-19 18:48:45 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\Skype 2010-08-19 18:46:58 ----D---- C:\WINDOWS\Prefetch 2010-08-19 18:42:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-08-19 18:41:29 ----RD---- C:\Program Files 2010-08-19 18:41:24 ----D---- C:\Program Files\Steganos Internet Anonym 2006 2010-08-19 17:10:08 ----D---- C:\Documents and Settings\Lucyna Kocon\Dane aplikacji\skypePM 2010-08-19 17:08:53 ----D---- C:\WINDOWS 2010-08-19 12:47:34 ----HD---- C:\WINDOWS\inf 2010-08-19 12:47:32 ----D---- C:\WINDOWS\system32 2010-08-19 12:29:13 ----D---- C:\WINDOWS\system32\Restore 2010-08-19 12:15:08 ----D---- C:\WINDOWS\SoftwareDistribution 2010-08-19 11:55:40 ----SHD---- C:\WINDOWS\Installer 2010-08-19 11:53:33 ----D---- C:\WINDOWS\system32\drivers 2010-08-19 11:52:58 ----D---- C:\WINDOWS\system32\CatRoot2 2010-08-19 11:52:00 ----D---- C:\Program Files\ESET 2010-08-19 11:18:56 ----HD---- C:\Program Files\InstallShield Installation Information 2010-08-10 02:39:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2010-08-10 02:24:31 ----SHD---- C:\System Volume Information 2010-08-09 11:45:40 ----D---- C:\Program Files\GridinSoft Trojan Killer 2010-08-07 17:43:42 ----D---- C:\Program Files\Common Files\InstallShield 2010-07-25 00:51:56 ----D---- C:\Program Files\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 agp440;Filtr magistrali AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368] R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032] R2 eamon;eamon; 
C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752] R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120] R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480] S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368] S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys [] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 USBSTOR;Sterownik magazynu masowego 
USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144] R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-02 136176] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-18 182768] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336] -----------------EOF-----------------[/log]
Tomek01 commented 19 August 2010
Something else has tagged along; paste this into OTL:
[code]
:Processes
Explorer.exe

:OTL
PRC - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
SRV - [2008-10-16 18:22:20 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
O4 - HKU\.DEFAULT..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe File not found

:Files
C:\Program Files\AskBarDis\bar\bin\AskService.exe

:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Run fix... When it's all done, use the Clean Up function in OTL. Clean the system with CCleaner and run a defragmentation. It should run like a dream, because nothing else shows up in the log.
elizawgwldz (Author) commented 19 August 2010
Thank you very much for the help, Tomasz. Should I post any more logs, or is that no longer needed? It seems to me that things are much better: I got rid of herss.exe and I hope it won't come back. Right away the computer started showing drives and external storage, hidden files can be reached, and it freezes less; Mozilla doesn't stutter anymore either. CCleaner has already been used. All that's left is the defragmentation, which I'll do in a moment. There is one more thing I'd like to ask about, though... the wretched Trojan Killer found something else (two files) and marked it in red. I'm posting the scan report; it's short, so I took the liberty of simply pasting it:
Starting the file scan:
Startup collected
BHO plugins collected
Service collected
ActiveX collected
Files collected
Scanning process...
----[b]- \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe ---- Registry Hijack.Security
----- \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EKRN.exe ---- Registry Hijack.Security[/b]
Scan completed!
Scan result: 2 detected items
Scan completed in: Scan completed in 7 minute(s) 0 sec.
Files were scanned: 2836
What is this, and should I do anything else about it? If so, what?
Sohei commented 20 August 2010
Hmm, as far as I know both of them come from the NOD32 antivirus, so I think this whole Trojan Killer is showing fake alerts.
elizawgwldz (Author) commented 20 August 2010
Sohei, that's what I think too, but what can you expect from such a piece of junk. I'll add one curious detail, though: ESET did not detect herss for me, and Trojan Killer did, ehh.
Sohei commented 20 August 2010
The important thing is that Tomek removed the infection, and I advise not touching the above-mentioned registry keys.
elizawgwldz (Author) commented 20 August 2010
No, no, I have no intention of touching that and I won't. From now on I'll pay more attention to the things that get detected. You're actually right, because I've just realized that it started detecting this after I installed ESET Smart Security. Once again, many thanks to you both for the help, and above all for replying so quickly. If you had your addresses posted somewhere, I'd even send you each a cold beer (no offense, of course). Regards
Sohei commented 20 August 2010
That's our job, helping users. [color="#2E8B57"]//Exactly!!! //Tomek01[/color]
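One way to look inside the two Image File Execution Options keys that Trojan Killer reported, as an added example that is not part of the thread: it parses saved `reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s` output and separates keys carrying a `Debugger` value (which makes Windows start the named program instead of the image) from keys that carry none. The sample output, the values shown under `egui.exe`, and the `sample-app.exe` key are constructed for illustration and do not describe what ESET writes.

```python
import re

IFEO_SUFFIX = r"\Image File Execution Options"

# Constructed sample of saved `reg query ... /s` output (not taken from the thread).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe
    DisableHeapLookaside    REG_SZ    1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EKRN.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sample-app.exe
    Debugger    REG_SZ    "C:\placeholder\other.exe" /arg
"""

# An indented value line: name, REG_* type, optional data (tabs or spaces between).
VALUE_RE = re.compile(
    r"^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)(?:\s+(?P<data>.*))?$"
)


def parse_reg_query(text):
    """Return {key_path: {value_name: (type, data)}} from reg query output."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        if line.upper().startswith("HKEY_"):
            current = line.strip()
            keys.setdefault(current, {})
            continue
        match = VALUE_RE.match(line)
        if match and current is not None:
            data = (match.group("data") or "").strip()
            keys[current][match.group("name")] = (match.group("type"), data)
        # Any other line (tool banner, error text) is ignored.
    return keys


def triage_ifeo(keys):
    """Classify each direct IFEO subkey as 'review', 'no-debugger' or 'empty'."""
    findings = []
    for path, values in keys.items():
        parent, _, image = path.rpartition("\\")
        if not parent.lower().endswith(IFEO_SUFFIX.lower()):
            continue  # the IFEO root itself, or a key outside IFEO
        by_name = {name.lower(): value for name, value in values.items()}
        if "debugger" in by_name:
            # Launch redirection: compare the target with what is installed.
            findings.append((image, "review", "Debugger = " + by_name["debugger"][1]))
        elif values:
            names = ", ".join(sorted(values))
            findings.append((image, "no-debugger", "values: " + names))
        else:
            findings.append((image, "empty", "key has no values"))
    return findings


if __name__ == "__main__":
    for image, verdict, detail in triage_ifeo(parse_reg_query(SAMPLE)):
        print(f"{image:16} {verdict:12} {detail}")
```

A key in the `review` class is not a verdict by itself; it only marks where the launch target has to be compared against the software known to be installed.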