Dawid_1551 posted March 15, 2011
I have had a problem for some time now: I turn on the computer, click the Windows login icon, and have to wait about 45 seconds before it comes up. Then there is only the wallpaper with nothing on it, no taskbar, no icons, literally nothing. To bring up the taskbar I have to start Task Manager, go to Applications -> New Task -> and type windows; then everything is displayed. There is also an error, which I have in the screenshot: [img]http://iv.pl/images/77164410237875337057.jpg[/img] [font="Lucida Sans Unicode"]Please, will you help?? PLS!! I've had enough of this![/font] [color="#0000FF"]//Moving //Tom01[/color]
stachos commented March 15, 2011
Run msconfig and take a screenshot of what you have in startup and in boot.
Dawid_1551 (Author) commented March 16, 2011
In Startup: [img]http://iv.pl/images/39582169758575503957.jpg[/img] [img]http://iv.pl/images/00066722270934907344.jpg[/img]
D3vzaN commented March 16, 2011
I have a similar problem, but e.g. when I click Start > Turn Off and then choose Turn Off Computer in that popup (or sometimes press the W key), it closes and nothing happens (so I run the command shutdown -s at the command prompt). In general it takes a long time to shut down (the window with statuses like "Windows is shutting down..." etc. stays up for a long time).
Tomek01 commented March 16, 2011
Dawid, in the processes I see the MyWebSearch adware. On top of that, the symptoms are very much those of a virus. I'm moving this to the appropriate section. Run a full scan with [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url]. If it detects anything, post the report on the forum. Upload a set of logs, pasting them in tags; info below:
Dawid_1551 (Author) commented March 16, 2011
New development: I try to download this program and the computer shuts down by itself. I don't know what could be causing it. ;/
Tomek01 commented March 16, 2011
Try using Mbam in safe mode. Post the logs I asked for. In addition, in the processes, where earlier only MyWebSearch caught my eye, an infection from a pendrive is visible: Tempherss, nodqq, as well as the King infection. Before posting the logs, run [url="http://www.instalki.pl/programy/download/Windows/antywirusy/UsbFix.html"][color="#0000FF"][b]USBFix[/b][/color][/url] with the pendrive plugged in, using the * Vaccinate option.
Dawid_1551 (Author) commented March 17, 2011
I only have logs from OTL, because when I try to start RSITA the computer shuts down, and when I try to download that USB one it shuts down too. Here are the logs:
[log]OTL logfile created on: 2011-03-16 20:23:37 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 255,00 Mb Total Physical Memory | 71,00 Mb Available Physical Memory | 28,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,65 Gb Total Space | 2,70 Gb Free Space | 18,46% Space Free | Partition Type: NTFS Drive D: | 24,41 Gb Total Space | 23,32 Gb Free Space | 95,52% Space Free | Partition Type: NTFS Drive E: | 35,46 Gb Total Space | 26,51 Gb Free Space | 74,76% Space Free | Partition Type: NTFS Computer Name: PA-5BDB842177E2 | User Name: Państwo Duszak | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-03-16 20:09:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-12 20:21:25 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-12 20:21:22 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-08-07 18:19:32 | 000,045,302 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\winlogon.exe PRC - [2010-08-07 18:19:32 | 000,045,302 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\services.exe PRC - [2010-08-07 18:19:32 | 000,045,302 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\lsass.exe PRC - [2010-04-26 18:39:24 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-01-11 14:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-08-06 15:54:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe PRC - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe PRC - [2008-01-24 10:59:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.exe PRC - [2008-01-24 10:54:16 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe PRC - [2006-10-25 07:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\EXPLORER.EXE PRC - [2006-06-27 13:11:54 | 000,046,718 | ---- | M] (MyPortal.pl) -- C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [WUDFSERVICEGROUP] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\System32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-03-16 20:21:00 | 000,118,784 | RHS- | M] () -- C:\WINDOWS\system32\mgking0.dll MOD - [2011-03-16 20:20:59 | 000,087,552 | RHS- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Temp\nodqq0.dll MOD - [2011-03-16 20:09:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-01-05 10:49:13 | 000,841,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-01-05 10:49:09 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll MOD - [2009-06-25 09:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:31:27 | 000,583,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-02-09 11:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 13:53:07 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:03:38 | 008,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-01-24 10:58:57 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-01-24 10:57:51 | 000,579,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-01-24 10:56:41 | 000,549,888 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-01-24 10:54:46 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-01-24 10:54:40 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-01-24 10:46:46 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-01-24 10:42:41 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll MOD - [2008-01-24 10:42:36 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2006-08-25 08:51:14 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-04 00:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (MSDTC) SRV - File not found [On_Demand | Stopped] -- -- (avast! Web Scanner) SRV - File not found [On_Demand | Stopped] -- -- (avast! Mail Scanner) SRV - File not found [Auto | Stopped] -- -- (avast! Antivirus) SRV - File not found [Auto | Stopped] -- -- (aswUpdSv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-04-21 08:22:17 | 000,038,784 | R--- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\Axtmvprt.sys -- (Axtmvprt) DRV - [2009-04-21 08:22:03 | 000,040,064 | R--- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Axtmvmdm.sys -- (Axtmvmdm) DRV - [2009-04-21 08:21:42 | 000,003,456 | R--- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Axtmvflt.sys -- (Axtmvflt) DRV - [2008-11-11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - [2008-11-11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - [2008-11-11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - [2006-04-19 09:54:33 | 000,087,936 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2006-04-19 09:53:24 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2006-04-19 09:53:05 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2006-04-19 09:52:00 | 000,024,240 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2004-08-04 01:35:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum) DRV - [2004-01-09 16:17:02 | 000,601,100 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2003-12-11 16:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2003-06-12 11:31:46 | 000,075,904 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-73586283-839522115-197928-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Wrzuta" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://nk.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.2 FF - prefs.js..extensions.enabledItems: FantapperExtension@brandaffinity.net:1.0.2 FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKfox000&ptb=nVZH98lIpbRKwgeoo6Bf3Q&ind=2010080508&ptnrS=ZKfox000&si=&n=77cf64fc&psa=&st=kwd&searchfor=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-18 13:05:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-12 20:21:28 | 000,000,000 | ---D | M] FF - 
HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-06-09 17:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Extensions [2011-03-16 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\extensions [2010-06-13 16:00:30 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-12-31 12:27:07 | 000,000,000 | ---D | M] ("Fantapper") -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\extensions\FantapperExtension@brandaffinity.net [2010-12-31 12:27:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\extensions\FantapperExtension@brandaffinity.net\chrome [2010-12-31 12:27:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\extensions\FantapperExtension@brandaffinity.net\defaults [2010-10-09 10:45:14 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\searchplugins\mywebsearch.xml [2010-10-24 19:49:46 | 000,001,972 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Mozilla\Firefox\Profiles\7qjp8cjp.default\searchplugins\wrzuta.xml [2011-03-16 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PAĹ„STWO DUSZAK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\7QJP8CJP.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644} File not found (No name found) -- C:\DOCUMENTS 
AND SETTINGS\PAĹ„STWO DUSZAK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\7QJP8CJP.DEFAULT\EXTENSIONS\FANTAPPEREXTENSION@BRANDAFFINITY.NET [2010-04-26 18:39:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-03-31 09:57:14 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-05-18 13:40:10 | 000,685,552 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPMAKAOV2.dll [2010-06-12 06:15:05 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-06-12 06:15:05 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-06-12 06:15:05 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-06-12 06:15:05 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-06-12 06:15:05 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-06-12 06:15:05 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-08-04 11:34:11 | 000,000,883 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 62.146.191.245 ns1.bigpoint.net O1 - Hosts: 62.146.190.5 ns2.bigpoint.net O1 - Hosts: 216.151.180.15 ns3.bigpoint.net O1 - Hosts: 62.146.187.21 pl1.darkorbit.com O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKU\S-1-5-21-73586283-839522115-197928-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [avast!] 
File not found O4 - HKLM..\Run: [Bron-Spizaetus] File not found O4 - HKLM..\Run: [Bron-Spizaetus-cgiolspw] C:\WINDOWS\ShellNew\bbm-wpsloigc.exe () O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [api32] C:\DOCUME~1\PASTWO~1\USTAWI~1\Temp\apiqq.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [AutoConnect] File not found O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [cdoosoft] C:\DOCUME~1\PASTWO~1\USTAWI~1\Temp\herss.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [dso32] C:\DOCUME~1\PASTWO~1\USTAWI~1\Temp\dsoqq.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) 
O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [King_ar] C:\WINDOWS\System32\arking.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [king_mg] C:\WINDOWS\System32\mgking.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [nod32] C:\DOCUME~1\PASTWO~1\USTAWI~1\Temp\nodqq.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [SpeedX] C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe (MyPortal.pl) O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [Tok-Cirrhatus] File not found O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [Tok-Cirrhatus-4566] C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\br10155on.exe () O4 - HKU\S-1-5-21-73586283-839522115-197928-1003..\Run: [wsctf.exe] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O4 - Startup: C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\Autostart\Empty.pif () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1 O7 - HKU\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 
- Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("C:\WINDOWS\sembako-cgzjloi.exe") - C:\WINDOWS\sembako-cgzjloi.exe () O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O31 - SafeBoot: AlternateShell - cmd-bro-olx.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-03-16 20:21:06 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-03-16 20:24:50 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-16 20:24:50 | 000,000,051 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-16 20:24:50 | 000,000,057 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{06c20674-fde8-11de-a8a9-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{06c20674-fde8-11de-a8a9-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{21635eca-058c-11df-a8c5-000feaa0a10a}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{21635eca-058c-11df-a8c5-000feaa0a10a}\Shell\explore\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{21635eca-058c-11df-a8c5-000feaa0a10a}\Shell\open\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{282abfc8-2723-11e0-97b9-000feaa0a10a}\Shell\AutoRun\command - "" = G:\r3fhr.exe O33 - MountPoints2\{282abfc8-2723-11e0-97b9-000feaa0a10a}\Shell\open\Command - "" = G:\r3fhr.exe O33 - MountPoints2\{2b1267ee-fc4e-11de-a89f-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{2b1267ee-fc4e-11de-a89f-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - 
MountPoints2\{2b1267f0-fc4e-11de-a89f-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{2b1267f0-fc4e-11de-a89f-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2b1267f1-fc4e-11de-a89f-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{2b1267f1-fc4e-11de-a89f-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{4e084dd0-fae7-11de-a89e-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{4e084dd0-fae7-11de-a89e-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{4e084dd1-fae7-11de-a89e-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{4e084dd1-fae7-11de-a89e-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{58d74d52-c309-11df-969a-000feaa0a10a}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{58d74d52-c309-11df-969a-000feaa0a10a}\Shell\explore\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{58d74d52-c309-11df-969a-000feaa0a10a}\Shell\open\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{5f1fdc02-73e6-11df-9586-000feaa0a10a}\Shell\AutoRun\command - "" = G:\r3fhr.exe O33 - MountPoints2\{5f1fdc02-73e6-11df-9586-000feaa0a10a}\Shell\open\Command - "" = G:\r3fhr.exe O33 - MountPoints2\{8d7e46c4-2074-11df-93d7-000feaa0a10a}\Shell\AutoRun\command - "" = G:\nds0q.exe O33 - MountPoints2\{8d7e46c4-2074-11df-93d7-000feaa0a10a}\Shell\open\Command - "" = G:\nds0q.exe O33 - MountPoints2\{94bd356e-fad9-11de-a89d-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{94bd356e-fad9-11de-a89d-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a5298822-1955-11df-93bd-000feaa0a10a}\Shell\AutoRun\command - "" = G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe O33 - MountPoints2\{a5298822-1955-11df-93bd-000feaa0a10a}\Shell\open\command - "" = G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe O33 - MountPoints2\{ccfd512e-a87c-11df-964f-000feaa0a10a}\Shell\AutoRun\command - "" = 
G:\EXPLORER.EXE O33 - MountPoints2\{ccfd512e-a87c-11df-964f-000feaa0a10a}\Shell\explore\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{ccfd512e-a87c-11df-964f-000feaa0a10a}\Shell\open\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{d8b18258-fdad-11de-a8a6-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{d8b18258-fdad-11de-a8a6-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d8b1825a-fdad-11de-a8a6-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{d8b1825a-fdad-11de-a8a6-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d8b21d08-fad8-11de-a89c-000feaa0a10a}\Shell - "" = AutoRun O33 - MountPoints2\{d8b21d08-fad8-11de-a89c-000feaa0a10a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{e3e12c99-f3bb-11de-a87d-000feaa0a10a}\Shell\AutoRun\command - "" = G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe O33 - MountPoints2\{e3e12c99-f3bb-11de-a87d-000feaa0a10a}\Shell\open\command - "" = G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^VIA RAID TOOL.lnk - C:\PROGRA~1\VIA\RAID\RAID_T~1.EXE - (VIA) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) 
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]SoundMan[/b] - hkey= - key= - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]Tok-Cirrhatus[/b] - hkey= - key= - C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\br10155on.exe () MsConfig - StartUpReg: [b]Tok-Cirrhatus-4566[/b] - hkey= - key= - C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\br10155on.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 1 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume 
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2011-03-16 06:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-16
[2011-03-15 21:28:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-03-15 16:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-15
[2011-03-14 20:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\MyPortal
[2011-03-14 20:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\MyPortal
[2011-03-14 15:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-14
[2011-03-13 13:39:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-13
[2011-03-12 21:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Originals
[2011-03-12 20:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\AmitySource
[2011-03-12 20:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AmitySource
[2011-03-12 12:15:54 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011-03-12 12:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-12
[2011-03-11 18:13:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Unity
[2011-03-11 15:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-11
[2011-03-10 15:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-10
[2011-03-09 15:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-9
[2011-03-08 17:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Pulpit\Nowy folder
[2011-03-08 09:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-8
[2011-03-07 15:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-7
[2011-03-06 12:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-6
[2011-03-05 08:49:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-5
[2011-03-04 15:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-4
[2011-03-03 15:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-3
[2011-03-02 15:34:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-2
[2011-03-01 18:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-1
[2011-02-28 20:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HyperCam 3
[2011-02-28 20:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Solveig Multimedia
[2011-02-28 20:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 3
[2011-02-28 13:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-28
[2011-02-27 14:10:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Pulpit\Pulpit
[2011-02-27 12:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-27
[2011-02-26 16:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Ok-SendMail-Bron-tok
[2011-02-26 16:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Loc.Mail.Bron.Tok
[2011-02-26 16:16:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\Bron.tok-18-26
[2011-02-26 16:16:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2011-02-19 19:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Locktime
[2011-02-19 19:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime
[2011-02-18 16:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2011-02-18 16:51:54 | 001,657,659 | ---- | C] (TeamSpeak Systems ) -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\ts2_server_rc2_202319.exe
[2011-02-16 16:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Postal2
[2011-02-12 18:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\San Andreas Multiplayer
[2011-02-08 16:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\K-Meleon
[2011-02-08 16:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\K-Meleon
[2011-02-03 16:46:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\Narzędzia administracyjne
[2011-01-24 23:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\The KMPlayer
[2011-01-24 23:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\The KMPlayer
[2011-01-24 23:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2011-01-24 23:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Menu Start\Programy\Vplayer
[2011-01-24 23:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vplayer
[2011-01-24 23:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codec pack Extend
[2011-01-24 23:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Crystal Player
[2011-01-21 16:41:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
[2011-03-16 20:26:05 | 000,000,051 | RHS- | M] () -- C:\autorun.inf
[2011-03-16 20:21:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-03-16 20:21:06 | 000,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT
[2011-03-16 20:21:00 | 000,118,784 | RHS- | M] () -- C:\WINDOWS\System32\mgking0.dll
[2011-03-16 20:20:50 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-16 20:20:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-03-16 20:20:42 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-16 20:19:20 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\BronNetDomList.bat
[2011-03-16 20:02:01 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-16 19:53:47 | 000,129,024 | RHS- | M] () -- C:\WINDOWS\System32\arking0.dll
[2011-03-16 19:46:34 | 000,196,608 | RHS- | M] () -- C:\WINDOWS\System32\arking.exe
[2011-03-16 15:31:49 | 000,147,282 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\bez tytułu1.JPG
[2011-03-16 15:31:15 | 000,150,196 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\bez tytułu.JPG
[2011-03-15 21:44:06 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-03-15 21:20:39 | 000,079,575 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\1271956614_by_kazza21_500.jpg
[2011-03-15 19:47:30 | 000,008,635 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\indeks.jpg
[2011-03-15 19:47:10 | 000,009,022 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\images.jpg
[2011-03-15 19:38:01 | 000,009,590 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\indekss.jpg
[2011-03-15 17:23:33 | 000,118,784 | RHS- | M] () -- C:\WINDOWS\System32\mgking1.dll
[2011-03-14 20:52:11 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\sx.inf
[2011-03-14 20:52:06 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\Speed-X.lnk
[2011-03-14 20:04:21 | 000,129,024 | RHS- | M] () -- C:\WINDOWS\System32\arking1.dll
[2011-03-14 17:15:09 | 000,130,048 | -H-- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\photothumb.db
[2011-03-14 17:09:20 | 000,041,766 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\heroina3.jpg
[2011-03-12 21:31:07 | 000,007,746 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\logo6.png
[2011-03-12 21:29:55 | 000,010,468 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Nike_Wallpapers_by_drift_Angel.jpg
[2011-03-06 13:35:12 | 078,405,590 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\Claax prestent energy electro mix 5.03.2011 (seciki.pl).mp3
[2011-03-06 12:45:06 | 000,031,045 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\b0fd2ef01f.jpeg
[2011-03-06 12:28:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-03-02 19:15:35 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-28 20:47:47 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\HyperCam 3.lnk
[2011-02-26 16:36:21 | 000,000,389 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\JunkAtx18.bin
[2011-02-26 16:16:09 | 000,000,010 | RHS- | M] () -- C:\WINDOWS\System32\sistem.sys
[2011-02-26 15:59:27 | 000,013,312 | -H-- | M] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\photothumb.db
[2011-02-18 16:51:57 | 001,657,659 | ---- | M] (TeamSpeak Systems ) -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\ts2_server_rc2_202319.exe
[2011-02-15 17:52:47 | 000,435,978 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-02-15 17:52:47 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-02-15 17:52:47 | 000,067,078 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-02-15 17:52:47 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-24 23:21:48 | 000,000,813 | ---- | M] () -- C:\WINDOWS\VPlayer.INI
[2011-01-24 23:21:48 | 000,000,084 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl
[2011-01-24 23:16:05 | 000,048,414 | ---- | M] () -- C:\WINDOWS\System32\uninst Codec pack Extend (ffdshow, h264, vp56).exe
[2011-01-24 20:03:09 | 000,084,799 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Gol.PNG
[2011-01-24 19:54:33 | 000,003,160 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\3ringsandtriangle.png
[2011-01-22 21:55:42 | 000,087,529 | ---- | M] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\GTA.JPG
[2011-01-18 22:26:47 | 000,000,102 | ---- | M] () -- C:\WINDOWS\FaceFun.INI
[2011-01-18 22:24:00 | 000,000,528 | RHS- | M] () -- C:\WINDOWS\PCGWIN32.LI4
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-03-16 20:19:20 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\BronNetDomList.bat
[2011-03-16 16:34:02 | 000,000,057 | RHS- | C] () -- C:\autorun.inf
[2011-03-16 15:31:49 | 000,147,282 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\bez tytułu1.JPG
[2011-03-16 15:31:15 | 000,150,196 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\bez tytułu.JPG
[2011-03-15 21:09:06 | 000,174,592 | RHS- | C] () -- C:\albkpq3.exe
[2011-03-15 19:36:14 | 000,009,590 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\indekss.jpg
[2011-03-15 19:34:41 | 000,008,635 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\indeks.jpg
[2011-03-14 20:52:11 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\sx.inf
[2011-03-14 20:52:06 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\Speed-X.lnk
[2011-03-14 17:07:20 | 000,041,766 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\heroina3.jpg
[2011-03-12 20:53:32 | 000,007,746 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\logo6.png
[2011-03-06 14:12:03 | 078,405,590 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\Claax prestent energy electro mix 5.03.2011 (seciki.pl).mp3
[2011-03-06 12:45:00 | 000,031,045 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\b0fd2ef01f.jpeg
[2011-02-28 20:47:46 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Pulpit\HyperCam 3.lnk
[2011-02-26 16:36:21 | 000,000,389 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\JunkAtx18.bin
[2011-02-26 16:16:09 | 000,000,010 | RHS- | C] () -- C:\WINDOWS\System32\sistem.sys
[2011-02-25 20:18:16 | 000,115,712 | RHS- | C] () -- C:\ysyjq1bs.exe
[2011-02-21 20:41:15 | 000,182,272 | RHS- | C] () -- C:\w9.exe
[2011-01-27 10:02:55 | 000,128,000 | RHS- | C] () -- C:\r3fhr.exe
[2011-01-24 23:20:52 | 000,000,813 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2011-01-24 23:20:52 | 000,000,084 | ---- | C] () -- C:\WINDOWS\VplayerINI.vpl
[2011-01-24 23:16:05 | 000,048,414 | ---- | C] () -- C:\WINDOWS\System32\uninst Codec pack Extend (ffdshow, h264, vp56).exe
[2011-01-24 20:03:09 | 000,084,799 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Gol.PNG
[2011-01-24 19:54:42 | 000,003,160 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\3ringsandtriangle.png
[2011-01-22 21:55:42 | 000,087,529 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Moje dokumenty\GTA.JPG
[2011-01-18 22:24:28 | 000,000,102 | ---- | C] () -- C:\WINDOWS\FaceFun.INI
[2011-01-18 22:24:00 | 000,000,528 | RHS- | C] () -- C:\WINDOWS\PCGWIN32.LI4
[2011-01-11 21:03:59 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-12-20 21:17:06 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-12-10 07:51:38 | 000,597,504 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2010-12-03 18:33:46 | 000,129,024 | RHS- | C] () -- C:\WINDOWS\System32\arking1.dll
[2010-11-28 17:37:37 | 000,196,608 | RHS- | C] () -- C:\WINDOWS\System32\arking.exe
[2010-11-28 17:37:37 | 000,129,024 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2010-11-08 17:17:08 | 000,118,784 | RHS- | C] () -- C:\WINDOWS\System32\mgking1.dll
[2010-11-08 07:38:14 | 000,182,272 | RHS- | C] () -- C:\WINDOWS\System32\mgking.exe
[2010-11-08 07:38:14 | 000,118,784 | RHS- | C] () -- C:\WINDOWS\System32\mgking0.dll
[2010-07-06 18:20:51 | 000,045,302 | -H-- | C] () -- C:\WINDOWS\sembako-cgzjloi.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\winlogon.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\svchost.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\smss.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\services.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\lsass.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\inetinfo.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\WINDOWS\System32\DXBLBA.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\csrss.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\WINDOWS\System32\cmd-bro-olx.exe
[2010-07-06 18:20:51 | 000,045,302 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\br10155on.exe
[2010-06-08 18:03:19 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc-1605931354.bin
[2010-03-21 17:20:11 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[2010-03-21 17:20:10 | 000,078,085 | ---- | C] () -- C:\WINDOWS\System32\Pattern.dat
[2010-03-21 17:19:04 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2010-03-21 17:19:01 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drumpad.dll
[2010-03-21 17:19:01 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\Animation.dll
[2010-03-21 17:19:01 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2010-03-13 09:17:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\naglos.INI
[2010-02-05 12:56:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-01-10 10:38:27 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-03 14:06:40 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-31 08:56:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-29 07:29:06 | 000,000,227 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009-12-28 19:17:06 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-12-28 19:15:20 | 000,119,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-28 18:34:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-12-28 18:25:49 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-12-28 15:21:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2009-12-28 15:19:23 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS66.DLL
[2009-12-28 15:13:31 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-12-28 15:13:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007-01-17 17:40:04 | 000,403,968 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007-01-17 17:40:02 | 003,158,528 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007-01-17 17:40:02 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007-01-17 17:26:42 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006-12-31 22:00:00 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006-10-28 19:10:44 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2004-10-12 07:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004-10-12 07:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004-10-09 07:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002-10-06 18:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002-10-04 23:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002-10-04 23:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002-10-04 23:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001-10-26 17:15:16 | 000,435,978 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 17:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 17:15:16 | 000,067,078 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 17:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 22:30:24 | 000,380,350 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 22:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 22:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 22:30:22 | 000,052,764 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 22:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-21 23:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 23:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 23:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[color=#E56717]========== LOP Check ==========[/color]
[2010-03-09 14:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-15 20:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-02-19 19:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime
[2010-04-19 19:29:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-31 16:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-03-21 16:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Avant Browser
[2011-01-24 23:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Crystal Player
[2010-03-09 14:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\ESET
[2010-05-16 10:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Gadu-Gadu
[2010-03-16 20:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Gadu-Gadu 10
[2010-09-11 18:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\GanymedeNet
[2010-10-01 18:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\gtk-2.0
[2010-03-08 11:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\InterTrust
[2010-01-08 13:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\iPlus
[2010-09-09 17:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\LG Electronics
[2011-02-19 19:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Locktime
[2010-03-15 20:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\OpenFM
[2010-03-10 14:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Opera
[2010-06-25 19:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\PowerChallenge
[2011-02-08 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Toolbar4
[2011-03-11 18:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\Unity
[2010-04-14 14:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Państwo Duszak\Dane aplikacji\uTorrent
[2010-08-24 18:18:07 | 000,000,540 | ---- | M] () -- C:\WINDOWS\Tasks\Install.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-06-21 17:24:58 | 000,117,248 | RHS- | M] () -- C:\09lf.exe
[2010-07-31 17:58:29 | 000,116,224 | RHS- | M] () -- C:\6mhbwj.exe
[2010-10-23 16:41:14 | 000,162,816 | RHS- | M] () -- C:\9d6resf.exe
[2010-11-02 16:02:18 | 000,153,088 | RHS- | M] () -- C:\9keibj.exe
[2010-10-30 11:13:12 | 000,174,592 | RHS- | M] () -- C:\albkpq3.exe
[2010-10-30 16:23:32 | 000,175,616 | RHS- | M] () -- C:\apqpm.exe
[2011-03-16 20:21:06 | 000,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT
[2011-03-16 20:27:19 | 000,000,051 | RHS- | M] () -- C:\autorun.inf
[2010-06-03 16:39:14 | 000,116,736 | RHS- | M] () -- C:\awb3ryk.exe
[2010-10-28 16:41:39 | 000,175,616 | RHS- | M] () -- C:\b9v.exe
[2010-07-16 07:37:05 | 000,117,760 | RHS- | M] () -- C:\biriprg.exe
[2011-03-15 21:44:06 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-14 09:09:32 | 000,178,176 | RHS- | M] () -- C:\bud3mkqr.exe
[2010-11-11 16:45:34 | 000,179,712 | RHS- | M] () -- C:\cbbw88s.exe
[2010-06-01 15:33:27 | 000,115,200 | RHS- | M] () -- C:\cgaqyi.exe
[2009-12-28 18:30:07 | 000,000,000 | ---- | M] () -- C:\CONFIG
[2010-11-09 16:06:01 | 000,178,176 | RHS- | M] () -- C:\dwh.exe
[2010-11-06 16:29:17 | 000,174,592 | RHS- | M] () -- C:\egmjjb.exe
[2010-11-17 16:34:09 | 000,176,640 | RHS- | M] () -- C:\et3ypes.exe
[2010-06-25 16:11:20 | 000,117,248 | RHS- | M] () -- C:\eyruu.exe
[2010-05-25 16:15:06 | 000,113,152 | RHS- | M] () -- C:\f662sjd.exe
[2010-07-05 15:44:03 | 000,117,248 | RHS- | M] () -- C:\g6jk.exe
[2010-10-14 15:56:55 | 000,174,592 | RHS- | M] () -- C:\h3wp9.exe
[2011-03-16 20:20:42 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-22 18:25:06 | 000,179,712 | RHS- | M] () -- C:\i00dvoym.exe
[2010-07-14 16:50:46 | 000,116,224 | RHS- | M] () -- C:\i8gcgmg.exe
[2009-12-28 18:30:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-10-14 10:04:44 | 000,174,592 | RHS- | M] () -- C:\io3yalc.exe
[2010-10-21 18:33:29 | 000,162,816 | RHS- | M] () -- C:\jeo3ky.exe
[2010-10-20 17:23:24 | 000,162,816 | RHS- | M] () -- C:\jofk1wf.exe
[2010-06-16 06:15:16 | 000,114,688 | RHS- | M] () -- C:\krwyrv0d.exe
[2010-10-16 16:12:54 | 000,174,592 | RHS- | M] () -- C:\kyme.exe
[2010-11-04 19:12:22 | 000,173,568 | RHS- | M] () -- C:\l10.exe
[2010-10-27 05:38:51 | 000,180,224 | RHS- | M] () -- C:\lpl.exe
[2009-12-28 18:30:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-06-08 16:15:54 | 000,114,688 | RHS- | M] () -- C:\n0qls.exe
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 22:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-10-18 17:20:10 | 000,162,816 | RHS- | M] () -- C:\o1o.exe
[2010-05-15 18:52:10 | 000,112,640 | RHS- | M] () -- C:\p6xebrnt.exe
[2011-03-16 20:20:41 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys
[2010-04-02 08:02:44 | 000,116,736 | RHS- | M] () -- C:\pbyqfn.exe
[2004-08-04 00:44:26 | 000,283,136 | ---- | M] (Cinematronics) -- C:\PINBALL.EXE
[2010-04-19 08:02:01 | 000,128,000 | RHS- | M] () -- C:\r3fhr.exe
[2010-10-25 16:19:17 | 000,139,264 | RHS- | M] () -- C:\r3q63rok.exe
[2010-07-13 12:08:19 | 000,116,736 | RHS- | M] () -- C:\r3x0k.exe
[2010-06-11 06:18:44 | 000,116,736 | RHS- | M] () -- C:\rfg.exe
[2010-10-27 15:55:44 | 000,178,688 | RHS- | M] () -- C:\tscl.exe
[2010-11-28 11:18:37 | 000,182,272 | RHS- | M] () -- C:\w9.exe
[2010-03-13 11:15:25 | 000,140,408 | ---- | M] () -- C:\Worms-(8)-[!].gs0
[2010-10-18 05:43:57 | 000,175,104 | RHS- | M] () -- C:\wq.exe
[2010-07-07 19:47:33 | 000,116,224 | RHS- | M] () -- C:\x3xh.exe
[2010-06-08 05:54:27 | 000,115,200 | RHS- | M] () -- C:\yqq8eqil.exe
[2010-04-05 20:12:09 | 000,115,712 | RHS- | M] () -- C:\ysyjq1bs.exe
[2010-11-26 13:43:30 | 000,182,784 | RHS- | M] () -- C:\yveqsh93.exe
[2010-09-11 13:19:05 | 000,000,534 | ---- | M] () -- C:\[20081211]InternetKit.log
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-24 11:05:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-01-24 11:05:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\System32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\System32\drivers\beep.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-24 11:05:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\System32\drivers\cdrom.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\System32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\System32\winlogon.exe
[2010-08-07 18:19:32 | 000,045,302 | ---- | M] () MD5=1C750E4F327E0050D4F5790FD882A436 -- C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Dane aplikacji\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >[/log]
[log]OTL Extras logfile created on: 2011-03-16 20:23:38 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
255,00 Mb Total Physical Memory | 71,00 Mb Available Physical Memory | 28,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,70 Gb Free Space | 18,46% Space Free | Partition Type: NTFS
Drive D: | 24,41 Gb Total Space | 23,32 Gb Free Space | 95,52% Space Free | Partition Type: NTFS
Drive E: | 35,46 Gb Total Space | 26,51 Gb Free Space | 74,76% Space Free | Partition Type: NTFS
Computer Name: PA-5BDB842177E2 | User Name: Państwo Duszak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\K-Meleon\K-Meleon.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Axesstel\AxessManager\AxessManager.exe" = C:\Program Files\Axesstel\AxessManager\AxessManager.exe:*:Enabled:AxessManager Application "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (Gadu-Gadu S.A.) 
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\Team17\Worms 2\Frontend.exe" = C:\Program Files\Team17\Worms 2\Frontend.exe:*:Enabled:Worms 2 Frontend "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser "C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Temporary Internet Files\Content.IE5\3J5O7PJ4\Wowd-4.0.3-beta-Windows-appbar[1].exe" = C:\Documents and Settings\Państwo Duszak\Ustawienia lokalne\Temporary Internet Files\Content.IE5\3J5O7PJ4\Wowd-4.0.3-beta-Windows-appbar[1].exe:*:Enabled:Wowd "C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie\Wowd-4.0.3-beta-Windows-appbar.exe" = C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Pobieranie\Wowd-4.0.3-beta-Windows-appbar.exe:*:Enabled:Wowd "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam "C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Wowd-4.1.0-beta-Windows-appbar.exe" = C:\Documents and Settings\Państwo Duszak\Moje dokumenty\Wowd-4.1.0-beta-Windows-appbar.exe:*:Enabled:Wowd -- (Wowd, Inc.) "C:\Documents and Settings\Państwo Duszak\Pulpit\Wowd-4.1.0-beta-Windows-appbar.exe" = C:\Documents and Settings\Państwo Duszak\Pulpit\Wowd-4.1.0-beta-Windows-appbar.exe:*:Enabled:Wowd "C:\Program Files\Java\jre6\launch4j-tmp\wowd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\wowd.exe:*:Enabled:Wowd -- (Sun Microsystems, Inc.) 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{23D51AF4-E674-4F4C-A937-F98E458A37AB}_is1" = Testy B 2010a "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{A05BE20E-6510-44BC-95ED-6E6D730407D3}" = Vplayer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord "{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in "7-Zip" = 7-Zip 4.35 beta "Ad-Aware SE Personal" = Ad-Aware SE Personal "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "avast!" = avast! 
Antivirus "CANONBJ_Deinstall_CNMCP66.DLL" = Canon PIXMA iP2000 "Codec pack Extend (ffdshow, h264, vp5/6)" = Codec pack Extend (ffdshow, h264, vp5/6) "DirectShowPack" = DirectShow Pack (remove only) "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "Easy-WebPrint" = Easy-WebPrint "Enable S3 for USB Device" = Enable S3 for USB Device "Fraps" = Fraps "Gadu-Gadu" = Gadu-Gadu 7.7 "HyperCam 3" = HyperCam 3 "InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "Kreator sygnatur 1.0" = Kreator sygnatur 1.0 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NeroMultiInstaller!UninstallKey" = Nero Suite "PhotoScape" = PhotoScape "San Andreas Mod Installer1.1" = San Andreas Mod Installer "SPEEDX" = Speed-X (uninstall) "The KMPlayer" = The KMPlayer (remove only) "UserBar Generator_is1" = UserBar Generator 1.2 "WIC" = Windows Imaging Component "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "XP Codec Pack" = XP Codec Pack [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-73586283-839522115-197928-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Power Loader" = Power Challenge Game Plugin "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2010-05-11 06:57:02 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-11 10:51:14 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-11 12:46:10 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-12 08:23:41 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-13 06:56:19 | Computer Name = PA-5BDB842177E2 | Source = avast! 
| ID = 33554522 Description = Error - 2010-05-14 00:36:16 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-14 09:46:24 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-14 11:12:18 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-14 11:13:51 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = Error - 2010-05-14 11:18:27 | Computer Name = PA-5BDB842177E2 | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 2011-02-28 16:18:08 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd smm_hypercam.exe, wersja 3.0.912.7, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-02-28 16:22:59 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wmplayer.exe, wersja 11.0.5721.5145, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-03-02 14:15:42 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd drwtsn32.exe, wersja 5.1.2600.0, moduł powodujący błąd dbghelp.dll, wersja 5.1.2600.2180, adres błędu 0x0001295d. Error - 2011-03-02 17:35:19 | Computer Name = PA-5BDB842177E2 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca taskmgr.exe, wersja 5.1.2600.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-06 12:50:35 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.2900.0.2180, moduł powodujący błąd apiqq0.dll, wersja 0.0.0.0, adres błędu 0x00023c2f. 
Error - 2011-03-11 13:42:45 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.21183, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0abec28e. Error - 2011-03-12 10:48:09 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.21183, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x093ec28e. Error - 2011-03-13 11:09:38 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x0000100b. Error - 2011-03-14 15:01:51 | Computer Name = PA-5BDB842177E2 | Source = EventSystem | ID = 4609 Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 800706BF z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-03-16 15:19:34 | Computer Name = PA-5BDB842177E2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x0000100b. [ System Events ] Error - 2011-03-16 14:49:15 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! iAVS4 Control Service z powodu następującego błędu: %%3 Error - 2011-03-16 14:49:15 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%3 Error - 2011-03-16 14:53:37 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! 
iAVS4 Control Service z powodu następującego błędu: %%3 Error - 2011-03-16 14:53:37 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%3 Error - 2011-03-16 15:03:28 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! iAVS4 Control Service z powodu następującego błędu: %%3 Error - 2011-03-16 15:03:28 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%3 Error - 2011-03-16 15:10:18 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! iAVS4 Control Service z powodu następującego błędu: %%3 Error - 2011-03-16 15:10:18 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%3 Error - 2011-03-16 15:20:57 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! iAVS4 Control Service z powodu następującego błędu: %%3 Error - 2011-03-16 15:20:57 | Computer Name = PA-5BDB842177E2 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%3 < End of report >[/log]
drobny2992 commented March 17, 2011 Run Combofix, which will remove all the infected files. Then scan the computer with an antivirus and repair the system with the command chkdsk c: /r at the command prompt, and it will work.
Tomek01 commented March 17, 2011 Indeed, in your case using Combofix is advisable. Before that, however, make an image of the system partition. When installing Combofix, be sure to allow the installation of the Recovery Console! There is the BronTok virus, various infections from removable media, in general a mess.