proszeopomoc3 utworzono 5 sierpnia 2012 utworzono 5 sierpnia 2012 (edytowane) Witam, na pare dni uzyczylem komputer mojej Narzeczonej. Pojawilo sie Spyware. Kiedy serfuje na przegladarce to co jakis czas wyskakuje okno reklamowe w prawym dolnym rogu. Czyscilem kompa wszelkimi czyscicielami, ale nie pomoglo. Log z OTL. Z gory dziekuje za wszelka pomoc [log]OTL logfile created on: 2012-08-05 12:18:36 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Vasyl\Moje dokumenty Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 51,23% Memory free 2,08 Gb Paging File | 1,08 Gb Available in Paging File | 51,80% Paging File free Paging file location(s): C:\pagefile.sys 256 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 12,77 Gb Total Space | 0,82 Gb Free Space | 6,46% Space Free | Partition Type: NTFS Drive D: | 115,23 Gb Total Space | 0,36 Gb Free Space | 0,31% Space Free | Partition Type: NTFS Drive E: | 78,13 Gb Total Space | 0,18 Gb Free Space | 0,24% Space Free | Partition Type: NTFS Drive G: | 24,42 Gb Total Space | 0,27 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive H: | 2,34 Gb Total Space | 0,03 Gb Free Space | 1,35% Space Free | Partition Type: NTFS Drive I: | 538,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: VASYLEQ | User Name: Vasyl | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-05 12:18:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe PRC - [2012-08-04 23:14:50 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2012-08-04 23:14:50 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-06-22 15:34:12 | 002,673,624 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe PRC - [2012-06-22 15:34:12 | 001,118,680 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe PRC - [2012-06-22 14:21:50 | 000,402,368 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe PRC - [2012-06-22 14:21:46 | 000,071,008 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe PRC - [2012-06-22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2012-06-13 11:50:43 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012-03-13 18:17:38 | 000,274,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe PRC - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2004-08-04 01:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-04 23:25:41 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll MOD - [2012-06-22 15:34:06 | 000,157,656 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\NetworkLayer\PCTCFHook.dll MOD - [2012-06-22 15:33:48 | 000,091,608 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll MOD - [2012-06-22 11:38:46 | 000,108,504 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\BDT\BSPatch.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2008-05-03 05:46:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2004-08-04 01:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-06-22 15:34:12 | 001,118,680 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2012-06-22 14:21:50 | 000,402,368 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2012-06-22 14:21:46 | 000,071,008 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire) SRV - [2012-06-22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2012-03-13 18:17:38 | 000,237,272 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.271\McCHSvc.exe -- (McComponentHostService) SRV - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\clcvouk.sys -- (yxwxuisq) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev) DRV - File not found [Kernel | System | Stopped] -- C:\windows\system32\drivers\SBREdrv.sys -- (SBRE) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RKHit.sys -- (RkHit) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\wnpcvnh.sys -- (igby) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\Vasyl\USTAWI~1\Temp\3019.sys -- (3019) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-22 15:35:16 | 000,070,568 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg) DRV - [2012-06-22 15:34:52 | 000,203,120 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PCTSD.sys -- (PCTSD) DRV - [2012-06-22 15:29:36 | 000,254,944 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi) DRV - [2012-06-22 14:21:48 | 000,574,424 | --S- | M] (PC Tools) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TFSysMon) DRV - [2012-06-22 14:21:48 | 000,054,328 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon) DRV - [2012-06-22 14:21:48 | 000,035,264 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon) DRV - [2012-06-22 11:39:14 | 000,070,768 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTBD.sys -- (PCTBD) DRV - [2012-04-23 12:36:50 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2012-02-28 11:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA) DRV - [2012-02-28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS) DRV - [2011-01-19 17:47:12 | 000,022,504 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009-02-25 22:53:00 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi) DRV - [2009-02-25 22:50:51 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2008-10-31 12:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-03-25 05:48:08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008-03-25 05:48:06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008-02-15 09:15:26 | 000,014,336 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2007-09-28 21:06:00 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-08-29 21:41:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l151x86.sys -- (AtcL001) DRV - [2006-09-19 12:03:28 | 000,116,992 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2006-09-15 12:07:54 | 000,064,000 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) DRV - [2006-07-02 00:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005-09-19 14:28:08 | 000,126,489 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-04 01:34:10 | 000,188,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI) DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-03-02 09:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) DRV - [2003-08-04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 20:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) DRV - [2001-08-17 20:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) DRV - [2001-08-17 20:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) DRV - [2001-08-17 20:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [url="http://onet.pl"]http://onet.pl[/url] [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012-08-05 11:53:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-24 16:52:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-01 14:44:28 | 000,000,000 | ---D | M] [2009-05-20 19:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Extensions [2012-07-19 20:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions [2012-05-08 20:12:37 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2011-08-07 23:55:00 | 000,000,000 | ---D | M] (vshare Add-On) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2010-12-01 22:28:04 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\vshare@toolbar [2012-01-18 23:19:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\searchplugins\startsear.xml [2010-11-29 22:07:05 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\searchplugins\web-search.xml [2012-08-03 16:35:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-08-03 16:35:38 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2012-03-13 01:07:39 | 000,686,359 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\VASYL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\SX2STV2P.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI [2010-01-03 06:13:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-04-24 16:52:17 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-16 13:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-16 13:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-16 13:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-16 13:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-16 13:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-16 13:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-08-04 22:59:44 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools) O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O15 - HKCU\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} [url="http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab"]http://slimak.onet.p.../ArcaOnline.cab[/url] (MainControl Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B86139-3CD8-439D-AE63-B78FFA73F4F3}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-02-01 18:57:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-11-25 20:23:40 | 000,000,046 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{4d4cddb2-a7d2-11e0-b54e-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{4d4cddb2-a7d2-11e0-b54e-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{4d4cddb3-a7d2-11e0-b54e-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{4d4cddb3-a7d2-11e0-b54e-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{746bd458-f095-11dd-b92f-d08ad07ca6c3}\Shell - "" = AutoRun O33 - MountPoints2\{746bd458-f095-11dd-b92f-d08ad07ca6c3}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{ac9722b2-a873-11e0-b54f-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{ac9722b2-a873-11e0-b54f-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{ac9722b3-a873-11e0-b54f-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{ac9722b3-a873-11e0-b54f-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{b196fdec-6d19-11e0-bdba-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{b196fdec-6d19-11e0-bdba-4d6564696130}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-05 12:18:27 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe [2012-08-05 12:05:15 | 000,574,424 | --S- | C] (PC Tools) -- C:\windows\System32\drivers\TfSysMon.sys [2012-08-05 12:05:15 | 000,054,328 | --S- | C] (PC Tools) -- C:\windows\System32\drivers\TfFsMon.sys [2012-08-05 12:05:15 | 000,035,264 | --S- | C] (PC Tools) -- C:\windows\System32\drivers\TfNetMon.sys [2012-08-05 11:53:01 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll [2012-08-05 11:53:01 | 001,689,560 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDRes.dll [2012-08-05 11:53:01 | 000,149,464 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll [2012-08-05 11:53:01 | 000,070,768 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTBD.sys [2012-08-05 11:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Tools Security [2012-08-05 00:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus [2012-08-05 00:39:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vasyl\Recent [2012-08-04 23:53:09 | 000,254,944 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctgntdi.sys [2012-08-04 23:53:02 | 000,017,880 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctBTFix.sys [2012-08-04 23:52:54 | 000,070,568 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctplsg.sys [2012-08-04 23:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools [2012-08-04 23:30:56 | 000,909,728 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctEFA.sys [2012-08-04 23:30:56 | 000,342,168 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctDS.sys [2012-08-04 23:30:54 | 000,383,368 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTCore.sys [2012-08-04 23:30:54 | 000,162,584 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTAppEvent.sys [2012-08-04 23:30:53 | 000,203,120 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTSD.sys [2012-08-04 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2012-08-04 23:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2012-08-04 23:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\TestApp [2012-08-04 23:28:38 | 004,122,616 | ---- | C] (PC Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sdsetup.exe [2012-08-04 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2012-08-04 23:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2012-08-04 23:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2012-08-04 23:25:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012-08-04 23:25:41 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012-08-04 23:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache [2012-08-04 23:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Malwarebytes [2012-08-04 23:01:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2012-08-04 23:01:15 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2012-08-04 23:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-08-04 23:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GFI Software [2012-08-04 22:57:01 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\mbam-setup-1.62.0.1300.exe [2012-08-04 22:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash26500 [2012-08-04 22:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\ArcaVirMicroScan [2012-08-04 22:45:21 | 000,260,176 | ---- | C] (ArcaBit) -- C:\Documents and Settings\Vasyl\Moje dokumenty\arcavirmicroscan.exe [2012-08-04 22:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus [2012-08-04 22:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2012-08-04 22:02:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2012-08-04 21:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Ad-Aware Antivirus [2012-08-04 21:58:36 | 005,992,056 | ---- | C] (Lavasoft Limited) -- C:\Documents and Settings\Vasyl\Moje dokumenty\Adaware_2011_Installer_[www.programosy.pl].exe [2012-08-04 20:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012 [2012-08-04 20:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\CSS [2012-08-04 20:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash6334 [2012-08-04 20:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash18467 [2012-08-04 20:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-08-04 20:10:33 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Vasyl\Moje dokumenty\esetsmartinstaller_plk.exe [2012-08-04 20:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2012-08-04 11:27:02 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Vasyl\M-10-8754-86589-55555 [2012-08-03 16:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\QuickStoresToolbar [2012-08-03 16:24:38 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Vasyl\M-10-6897-8685-3464 [2012-07-30 11:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVS4YOU [2012-07-28 01:12:52 | 000,000,000 | ---D | C] -- C:\American.Reunion.UNRATED.DVDRip.XviD-COCAIN [2012-07-15 22:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Menu Start\Programy\Knights & Merchants TPR [2012-07-15 22:55:19 | 000,000,000 | ---D | C] -- C:\Km TPR [2012-07-12 23:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\DivX [2012-07-11 18:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\SZALIKI [2012-07-11 13:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Pulpit\SZALIKI [2012-07-10 12:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-07-09 21:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Media Player Classic [2012-07-06 23:17:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\DOTC [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-05 12:18:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe [2012-08-05 12:07:04 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-05 12:05:43 | 001,331,645 | ---- | M] () -- C:\windows\System32\drivers\Cat.DB [2012-08-05 12:00:00 | 000,000,944 | ---- | M] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job [2012-08-05 11:52:11 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor.lnk [2012-08-05 11:50:40 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-05 11:50:34 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2012-08-05 11:50:29 | 000,138,056 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012-08-05 00:41:27 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2012-08-04 23:29:12 | 004,122,616 | ---- | M] (PC Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sdsetup.exe [2012-08-04 23:25:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012-08-04 23:25:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012-08-04 23:01:17 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-04 22:59:44 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts [2012-08-04 22:59:18 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\mbam-setup-1.62.0.1300.exe [2012-08-04 22:58:11 | 000,000,011 | ---- | M] () -- C:\windows\System\win32in.dll [2012-08-04 22:45:21 | 000,260,176 | ---- | M] (ArcaBit) -- C:\Documents and Settings\Vasyl\Moje dokumenty\arcavirmicroscan.exe [2012-08-04 21:59:09 | 005,992,056 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\Vasyl\Moje dokumenty\Adaware_2011_Installer_[www.programosy.pl].exe [2012-08-04 20:18:00 | 000,034,410 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012.rar [2012-08-04 20:10:50 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Vasyl\Moje dokumenty\esetsmartinstaller_plk.exe [2012-08-04 19:00:07 | 000,000,017 | ---- | M] () -- C:\windows\System\win32out.dll [2012-08-04 11:20:26 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2012-08-03 16:35:38 | 000,000,202 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\QuickStores.url [2012-08-03 16:29:30 | 000,000,994 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\Continue Download Accelerator Installation.lnk [2012-08-02 23:03:40 | 000,128,512 | ---- | M] () -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-01 21:40:36 | 389,179,395 | ---- | M] () -- C:\Continuum.S01E09.HDTV.x264-2HD.mp4 [2012-07-28 00:51:19 | 000,000,514 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\Knights & Merchants TPR.lnk [2012-07-25 16:41:10 | 606,306,611 | ---- | M] () -- C:\btis_christie_dayna_480p_2000.mp4 [2012-07-23 23:20:27 | 000,224,799 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\anigif_enhanced-buzz-18959-1342715250-0.gif [2012-07-23 19:50:56 | 000,622,090 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\couples.seeking.teens.5.xxx_s.jpg [2012-07-18 22:30:13 | 423,036,633 | ---- | M] () -- C:\dirty_minds_big.mp4 [2012-07-15 22:25:22 | 001,064,924 | ---- | M] ( ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sr2_polish.exe [2012-07-14 22:03:07 | 000,013,324 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy Dokument sformatowany (2).rtf [2012-07-14 21:01:13 | 000,021,589 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\21a.odt [2012-07-14 11:24:14 | 000,021,391 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy OpenDocument Dokument tekstowy (2).odt [2012-07-13 19:49:54 | 000,040,581 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\2489084240.jpeg [2012-07-13 13:55:28 | 000,040,581 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\o06w03.jpg [2012-07-13 12:10:52 | 000,123,070 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3.CDR [2012-07-12 23:01:26 | 000,034,496 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Three_Stooges_The_2012_(NAPISY-121380).NS.zip [2012-07-12 13:41:32 | 002,761,431 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3_wizual.pdf [2012-07-11 14:54:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Vasyl\.gtk-bookmarks [2012-07-11 11:44:01 | 000,016,112 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\sciaga-39829.rtf [2012-07-10 15:56:50 | 000,034,894 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy0gf1pl.jpg [2012-07-10 12:07:37 | 000,178,820 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\476naszczesciepodkowast.png [2012-07-10 12:07:33 | 000,032,328 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy01pl.jpg [2012-07-09 17:24:55 | 000,051,259 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\dekoracje_15.jpg [2012-07-09 17:13:09 | 000,110,708 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0002.jpg [2012-07-09 17:13:06 | 000,155,610 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0001.jpg [2012-07-08 16:21:42 | 004,219,090 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\czytania.pdf [2012-07-07 19:54:09 | 000,028,115 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_4.jpg [2012-07-07 19:54:06 | 000,049,203 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_3.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-05 11:53:01 | 000,767,960 | ---- | C] () -- C:\windows\BDTSupport.dll [2012-08-05 11:53:01 | 000,003,488 | ---- | C] () -- C:\windows\UDB.zip [2012-08-05 11:53:01 | 000,000,882 | ---- | C] () -- C:\windows\RegSDImport.xml [2012-08-05 11:53:01 | 000,000,879 | ---- | C] () -- C:\windows\RegISSImport.xml [2012-08-05 11:53:01 | 000,000,131 | ---- | C] () -- C:\windows\IDB.zip [2012-08-04 23:53:02 | 000,001,811 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor.lnk [2012-08-04 23:30:57 | 001,331,645 | ---- | C] () -- C:\windows\System32\drivers\Cat.DB [2012-08-04 23:25:43 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2012-08-04 23:01:17 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-04 22:47:44 | 000,000,944 | ---- | C] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job [2012-08-04 20:18:00 | 000,034,410 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012.rar [2012-08-04 20:17:17 | 000,087,095 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter.ini [2012-08-04 20:17:17 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\pobrano z www.Portal24h.pl.url [2012-08-03 16:35:38 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\QuickStores.url [2012-08-03 16:29:30 | 000,000,994 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\Continue Download Accelerator Installation.lnk [2012-08-01 19:49:30 | 389,179,395 | ---- | C] () -- C:\Continuum.S01E09.HDTV.x264-2HD.mp4 [2012-07-23 23:17:31 | 000,224,799 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\anigif_enhanced-buzz-18959-1342715250-0.gif [2012-07-23 21:37:54 | 606,306,611 | ---- | C] () -- C:\btis_christie_dayna_480p_2000.mp4 [2012-07-23 19:50:53 | 000,622,090 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\couples.seeking.teens.5.xxx_s.jpg [2012-07-18 20:29:25 | 423,036,633 | ---- | C] () -- C:\dirty_minds_big.mp4 [2012-07-15 22:55:45 | 000,000,514 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\Knights & Merchants TPR.lnk [2012-07-15 22:54:51 | 146,262,815 | R--- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Knights&Merchants.exe [2012-07-15 22:25:16 | 001,064,924 | ---- | C] ( ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sr2_polish.exe [2012-07-14 22:01:53 | 000,013,324 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy Dokument sformatowany (2).rtf [2012-07-13 19:49:54 | 000,040,581 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\2489084240.jpeg [2012-07-13 13:55:28 | 000,040,581 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\o06w03.jpg [2012-07-13 12:10:52 | 000,123,070 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3.CDR [2012-07-13 11:54:30 | 000,021,391 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy OpenDocument Dokument tekstowy (2).odt [2012-07-12 23:01:26 | 000,034,496 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Three_Stooges_The_2012_(NAPISY-121380).NS.zip [2012-07-12 15:09:25 | 000,021,589 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\21a.odt [2012-07-12 13:41:31 | 002,761,431 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3_wizual.pdf [2012-07-11 11:43:43 | 000,016,112 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\sciaga-39829.rtf [2012-07-10 15:56:50 | 000,034,894 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy0gf1pl.jpg [2012-07-10 12:07:37 | 000,178,820 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\476naszczesciepodkowast.png [2012-07-10 12:07:33 | 000,032,328 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy01pl.jpg [2012-07-09 17:24:55 | 000,051,259 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\dekoracje_15.jpg [2012-07-09 17:13:43 | 000,110,708 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0002.jpg [2012-07-08 16:21:41 | 004,219,090 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\czytania.pdf [2012-07-07 19:54:09 | 000,028,115 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_4.jpg [2012-07-07 19:54:06 | 000,049,203 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_3.jpg [2012-06-04 20:16:21 | 000,001,409 | ---- | C] () -- C:\windows\System32\settings.dll [2012-01-04 21:21:12 | 000,000,032 | ---- | C] () -- C:\windows\System32\nvapicom.dat.dll [2012-01-04 07:13:22 | 003,158,016 | ---- | C] () -- C:\windows\System32\calcsvr.exe [2012-01-04 07:07:40 | 001,094,144 | ---- | C] () -- C:\windows\System32\ssdpx86.dll [2011-11-22 18:55:38 | 000,000,078 | ---- | C] () -- C:\windows\niepal.INI [2011-11-02 20:08:18 | 000,034,872 | ---- | C] () -- C:\windows\scunin.dat [2011-07-03 14:40:15 | 000,000,008 | ---- | C] () -- C:\windows\System32\nvModes.dat [2011-06-19 14:48:50 | 000,073,216 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011-05-15 18:40:41 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat [2011-04-19 23:10:32 | 000,059,904 | ---- | C] () -- C:\windows\System32\OVDecode.dll [2011-04-06 01:26:13 | 000,000,204 | ---- | C] () -- C:\windows\System32\secustat.dat [2011-04-06 01:26:05 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI [2010-09-14 23:49:41 | 000,009,879 | ---- | C] () -- C:\windows\System32\mswyneore.dll [2010-09-12 04:30:02 | 000,151,552 | ---- | C] () -- C:\windows\System32\mssyceord.dll [2009-09-26 11:25:52 | 000,069,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-06-05 18:45:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Vasyl\.gtk-bookmarks [2009-06-05 18:43:56 | 000,159,745 | ---- | C] () -- C:\Documents and Settings\Vasyl\.fonts.cache-1 [2009-02-01 21:42:29 | 000,128,512 | ---- | C] () -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:DFC5A2B2 @Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:667565EE @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:8303F807 @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:430C6D84 < End of report >[/log]
Gość komentarz 5 sierpnia 2012 komentarz 5 sierpnia 2012 (edytowane) 1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] Wklej [code] :OTL DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RKHit.sys -- (RkHit) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\clcvouk.sys -- (yxwxuisq) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\wnpcvnh.sys -- (igby) DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\Vasyl\USTAWI~1\Temp\3019.sys -- (3019) O33 - MountPoints2\{4d4cddb2-a7d2-11e0-b54e-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{4d4cddb2-a7d2-11e0-b54e-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{4d4cddb3-a7d2-11e0-b54e-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{4d4cddb3-a7d2-11e0-b54e-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{746bd458-f095-11dd-b92f-d08ad07ca6c3}\Shell - "" = AutoRun O33 - MountPoints2\{746bd458-f095-11dd-b92f-d08ad07ca6c3}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{ac9722b2-a873-11e0-b54f-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{ac9722b2-a873-11e0-b54f-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{ac9722b3-a873-11e0-b54f-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{ac9722b3-a873-11e0-b54f-4d6564696130}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe O33 - MountPoints2\{b196fdec-6d19-11e0-bdba-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{b196fdec-6d19-11e0-bdba-4d6564696130}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe :Commands [emptytemp] [/code] Kliknij [b]Wykonaj skrypt[/b] 2.Użyj adwcleaner-a [url="http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner"]http://general-chang...de/2-adwcleaner[/url] Opcja delete 3.Podaj nowe logi z otl nowe logi niech sprawdzi ci natsuki kuga bo się lepiej zna. 1
proszeopomoc3 komentarz 5 sierpnia 2012 Autor komentarz 5 sierpnia 2012 (edytowane) Nie pomoglo. Reklama wyskakuje dalej. Nowy log z OTL: [log]OTL logfile created on: 2012-08-05 16:04:32 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Vasyl\Moje dokumenty Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 46,75% Memory free 1,97 Gb Paging File | 1,17 Gb Available in Paging File | 59,12% Paging File free Paging file location(s): C:\pagefile.sys 256 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 12,77 Gb Total Space | 0,90 Gb Free Space | 7,04% Space Free | Partition Type: NTFS Drive D: | 115,23 Gb Total Space | 0,34 Gb Free Space | 0,29% Space Free | Partition Type: NTFS Drive E: | 78,13 Gb Total Space | 0,18 Gb Free Space | 0,24% Space Free | Partition Type: NTFS Drive G: | 24,42 Gb Total Space | 0,27 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive H: | 2,34 Gb Total Space | 0,03 Gb Free Space | 1,35% Space Free | Partition Type: NTFS Drive I: | 538,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: VASYLEQ | User Name: Vasyl | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Opera\opera.exe (Opera Software) PRC - C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe (Opera Software) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools) PRC - C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools) PRC - C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools) PRC - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () MOD - C:\Program Files\PC Tools\PC Tools Security\NetworkLayer\PCTCFHook.dll () MOD - C:\Program Files\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll () MOD - C:\Program Files\PC Tools\PC Tools Security\BDT\BSPatch.dll () MOD - C:\Program Files\Unlocker\UnlockerCOM.dll () MOD - C:\WINDOWS\system32\nvshell.dll () MOD - C:\WINDOWS\system32\msdmo.dll () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (RichVideo) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe File not found SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (sdCoreService) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools) SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.271\McCHSvc.exe (McAfee, Inc.) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (WDICA) -- File not found DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found DRV - (TfNetMon) -- C:\windows\system32\drivers\TfNetMon.sys File not found DRV - (SBRE) -- C:\windows\system32\drivers\SBREdrv.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found DRV - (PCAMPR5) -- C:\WINDOWS\system32\PCAMPR5.SYS File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools) DRV - (PCTSD) -- C:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools) DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools) DRV - (PCTBD) -- C:\WINDOWS\system32\drivers\PCTBD.sys (PC Tools) DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools) DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools) DRV - (cpuz135) -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys (CPUID) DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys () DRV - (dtscsi) -- C:\WINDOWS\system32\drivers\dtscsi.sys () DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys () DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (AtcL001) -- C:\WINDOWS\system32\drivers\l151x86.sys (Atheros Communications, Inc.) DRV - (e4usbaw) -- C:\WINDOWS\system32\drivers\e4usbaw.sys (Analog Devices Inc.) DRV - (IKANLOADER2) -- C:\WINDOWS\system32\drivers\e4ldr.sys (Analog Deivces) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (adiusbaw) -- C:\WINDOWS\system32\drivers\adiusbaw.sys (Analog Devices Inc.) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys () DRV - (ACPI) -- C:\WINDOWS\system32\drivers\acpi.sys () DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (ADILOADER) -- C:\WINDOWS\system32\drivers\adildr.sys (Analog Deivces) DRV - (PCANDIS5) -- C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) DRV - (sfman) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.) DRV - (emu10k1) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.) DRV - (emu10k) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.) DRV - (ctljystk) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [url="http://onet.pl"]http://onet.pl[/url] [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012-08-05 11:53:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-24 16:52:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-01 14:44:28 | 000,000,000 | ---D | M] [2009-05-20 19:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Extensions [2012-07-19 20:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions [2012-05-08 20:12:37 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2011-08-07 23:55:00 | 000,000,000 | ---D | M] (vshare Add-On) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2010-12-01 22:28:04 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\extensions\vshare@toolbar [2012-01-18 23:19:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\searchplugins\startsear.xml [2010-11-29 22:07:05 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Vasyl\Dane aplikacji\Mozilla\Firefox\Profiles\sx2stv2p.default\searchplugins\web-search.xml [2012-08-05 16:00:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-13 01:07:39 | 000,686,359 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\VASYL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\SX2STV2P.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI [2010-01-03 06:13:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-04-24 16:52:17 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-16 13:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-16 13:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-16 13:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-16 13:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-16 13:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-16 13:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-08-04 22:59:44 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools) O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Vasyl\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O15 - HKCU\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} [url="http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab"]http://slimak.onet.p.../ArcaOnline.cab[/url] (MainControl Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B86139-3CD8-439D-AE63-B78FFA73F4F3}: NameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-02-01 18:57:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-11-25 20:23:40 | 000,000,046 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-05 15:53:20 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-05 12:18:27 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe [2012-08-05 11:53:01 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll [2012-08-05 11:53:01 | 001,689,560 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDRes.dll [2012-08-05 11:53:01 | 000,149,464 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll [2012-08-05 11:53:01 | 000,070,768 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTBD.sys [2012-08-05 11:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Tools Security [2012-08-05 00:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus [2012-08-05 00:39:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vasyl\Recent [2012-08-04 23:53:09 | 000,254,944 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctgntdi.sys [2012-08-04 23:53:02 | 000,017,880 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctBTFix.sys [2012-08-04 23:52:54 | 000,070,568 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctplsg.sys [2012-08-04 23:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools [2012-08-04 23:30:56 | 000,909,728 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctEFA.sys [2012-08-04 23:30:56 | 000,342,168 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\pctDS.sys [2012-08-04 23:30:54 | 000,383,368 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTCore.sys [2012-08-04 23:30:54 | 000,162,584 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTAppEvent.sys [2012-08-04 23:30:53 | 000,203,120 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\PCTSD.sys [2012-08-04 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2012-08-04 23:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools [2012-08-04 23:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\TestApp [2012-08-04 23:28:38 | 004,122,616 | ---- | C] (PC Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sdsetup.exe [2012-08-04 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2012-08-04 23:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2012-08-04 23:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2012-08-04 23:25:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012-08-04 23:25:41 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012-08-04 23:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache [2012-08-04 23:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Malwarebytes [2012-08-04 23:01:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2012-08-04 23:01:15 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2012-08-04 23:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-08-04 23:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GFI Software [2012-08-04 22:57:01 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\mbam-setup-1.62.0.1300.exe [2012-08-04 22:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash26500 [2012-08-04 22:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\ArcaVirMicroScan [2012-08-04 22:45:21 | 000,260,176 | ---- | C] (ArcaBit) -- C:\Documents and Settings\Vasyl\Moje dokumenty\arcavirmicroscan.exe [2012-08-04 22:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus [2012-08-04 22:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2012-08-04 22:02:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2012-08-04 21:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Ad-Aware Antivirus [2012-08-04 21:58:36 | 005,992,056 | ---- | C] (Lavasoft Limited) -- C:\Documents and Settings\Vasyl\Moje dokumenty\Adaware_2011_Installer_[www.programosy.pl].exe [2012-08-04 20:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012 [2012-08-04 20:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\CSS [2012-08-04 20:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash6334 [2012-08-04 20:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\Cache.Trash18467 [2012-08-04 20:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-08-04 20:10:33 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Vasyl\Moje dokumenty\esetsmartinstaller_plk.exe [2012-08-04 20:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2012-08-04 11:27:02 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Vasyl\M-10-8754-86589-55555 [2012-08-03 16:24:38 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Vasyl\M-10-6897-8685-3464 [2012-07-30 11:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVS4YOU [2012-07-28 01:12:52 | 000,000,000 | ---D | C] -- C:\American.Reunion.UNRATED.DVDRip.XviD-COCAIN [2012-07-15 22:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Menu Start\Programy\Knights & Merchants TPR [2012-07-15 22:55:19 | 000,000,000 | ---D | C] -- C:\Km TPR [2012-07-12 23:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\DivX [2012-07-11 18:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\SZALIKI [2012-07-11 13:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Pulpit\SZALIKI [2012-07-10 12:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-07-09 21:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Dane aplikacji\Media Player Classic [2012-07-06 23:17:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vasyl\Moje dokumenty\DOTC [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-05 16:07:00 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-05 16:02:03 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-05 16:02:01 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2012-08-05 16:00:26 | 000,614,903 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\adwcleaner.exe [2012-08-05 15:57:29 | 000,870,419 | ---- | M] () -- C:\windows\System32\drivers\Cat.DB [2012-08-05 13:33:09 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\PC Tools Spyware Doctor (Setup exe.).exe [2012-08-05 12:18:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\OTL.exe [2012-08-05 12:00:00 | 000,000,944 | ---- | M] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job [2012-08-05 11:52:11 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor.lnk [2012-08-05 11:50:29 | 000,138,056 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012-08-05 00:41:27 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2012-08-04 23:29:12 | 004,122,616 | ---- | M] (PC Tools) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sdsetup.exe [2012-08-04 23:25:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012-08-04 23:25:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012-08-04 23:01:17 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-04 22:59:44 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts [2012-08-04 22:59:18 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\mbam-setup-1.62.0.1300.exe [2012-08-04 22:58:11 | 000,000,011 | ---- | M] () -- C:\windows\System\win32in.dll [2012-08-04 22:45:21 | 000,260,176 | ---- | M] (ArcaBit) -- C:\Documents and Settings\Vasyl\Moje dokumenty\arcavirmicroscan.exe [2012-08-04 21:59:09 | 005,992,056 | ---- | M] (Lavasoft Limited) -- C:\Documents and Settings\Vasyl\Moje dokumenty\Adaware_2011_Installer_[www.programosy.pl].exe [2012-08-04 20:18:00 | 000,034,410 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012.rar [2012-08-04 20:10:50 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Vasyl\Moje dokumenty\esetsmartinstaller_plk.exe [2012-08-04 19:00:07 | 000,000,017 | ---- | M] () -- C:\windows\System\win32out.dll [2012-08-04 11:20:26 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2012-08-03 16:29:30 | 000,000,994 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\Continue Download Accelerator Installation.lnk [2012-08-02 23:03:40 | 000,128,512 | ---- | M] () -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-01 21:40:36 | 389,179,395 | ---- | M] () -- C:\Continuum.S01E09.HDTV.x264-2HD.mp4 [2012-07-28 00:51:19 | 000,000,514 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\Knights & Merchants TPR.lnk [2012-07-25 16:41:10 | 606,306,611 | ---- | M] () -- C:\btis_christie_dayna_480p_2000.mp4 [2012-07-23 23:20:27 | 000,224,799 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\anigif_enhanced-buzz-18959-1342715250-0.gif [2012-07-23 19:50:56 | 000,622,090 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\couples.seeking.teens.5.xxx_s.jpg [2012-07-18 22:30:13 | 423,036,633 | ---- | M] () -- C:\dirty_minds_big.mp4 [2012-07-15 22:25:22 | 001,064,924 | ---- | M] ( ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sr2_polish.exe [2012-07-14 22:03:07 | 000,013,324 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy Dokument sformatowany (2).rtf [2012-07-14 21:01:13 | 000,021,589 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\21a.odt [2012-07-14 11:24:14 | 000,021,391 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy OpenDocument Dokument tekstowy (2).odt [2012-07-13 19:49:54 | 000,040,581 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\2489084240.jpeg [2012-07-13 13:55:28 | 000,040,581 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\o06w03.jpg [2012-07-13 12:10:52 | 000,123,070 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3.CDR [2012-07-12 23:01:26 | 000,034,496 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Three_Stooges_The_2012_(NAPISY-121380).NS.zip [2012-07-12 13:41:32 | 002,761,431 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3_wizual.pdf [2012-07-11 14:54:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Vasyl\.gtk-bookmarks [2012-07-11 11:44:01 | 000,016,112 | ---- | M] () -- C:\Documents and Settings\Vasyl\Pulpit\sciaga-39829.rtf [2012-07-10 15:56:50 | 000,034,894 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy0gf1pl.jpg [2012-07-10 12:07:37 | 000,178,820 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\476naszczesciepodkowast.png [2012-07-10 12:07:33 | 000,032,328 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy01pl.jpg [2012-07-09 17:24:55 | 000,051,259 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\dekoracje_15.jpg [2012-07-09 17:13:09 | 000,110,708 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0002.jpg [2012-07-09 17:13:06 | 000,155,610 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0001.jpg [2012-07-08 16:21:42 | 004,219,090 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\czytania.pdf [2012-07-07 19:54:09 | 000,028,115 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_4.jpg [2012-07-07 19:54:06 | 000,049,203 | ---- | M] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_3.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-05 14:27:22 | 000,614,903 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\adwcleaner.exe [2012-08-05 13:33:08 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\PC Tools Spyware Doctor (Setup exe.).exe [2012-08-05 11:53:01 | 000,767,960 | ---- | C] () -- C:\windows\BDTSupport.dll [2012-08-05 11:53:01 | 000,003,488 | ---- | C] () -- C:\windows\UDB.zip [2012-08-05 11:53:01 | 000,000,882 | ---- | C] () -- C:\windows\RegSDImport.xml [2012-08-05 11:53:01 | 000,000,879 | ---- | C] () -- C:\windows\RegISSImport.xml [2012-08-05 11:53:01 | 000,000,131 | ---- | C] () -- C:\windows\IDB.zip [2012-08-04 23:53:02 | 000,001,811 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Spyware Doctor.lnk [2012-08-04 23:30:57 | 000,870,419 | ---- | C] () -- C:\windows\System32\drivers\Cat.DB [2012-08-04 23:25:43 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2012-08-04 23:01:17 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-04 22:47:44 | 000,000,944 | ---- | C] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job [2012-08-04 20:18:00 | 000,034,410 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter_www.Portal24h.pl_21czerwiec2012.rar [2012-08-04 20:17:17 | 000,087,095 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\urlfilter.ini [2012-08-04 20:17:17 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\pobrano z www.Portal24h.pl.url [2012-08-03 16:29:30 | 000,000,994 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\Continue Download Accelerator Installation.lnk [2012-08-01 19:49:30 | 389,179,395 | ---- | C] () -- C:\Continuum.S01E09.HDTV.x264-2HD.mp4 [2012-07-23 23:17:31 | 000,224,799 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\anigif_enhanced-buzz-18959-1342715250-0.gif [2012-07-23 21:37:54 | 606,306,611 | ---- | C] () -- C:\btis_christie_dayna_480p_2000.mp4 [2012-07-23 19:50:53 | 000,622,090 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\couples.seeking.teens.5.xxx_s.jpg [2012-07-18 20:29:25 | 423,036,633 | ---- | C] () -- C:\dirty_minds_big.mp4 [2012-07-15 22:55:45 | 000,000,514 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\Knights & Merchants TPR.lnk [2012-07-15 22:54:51 | 146,262,815 | R--- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Knights&Merchants.exe [2012-07-15 22:25:16 | 001,064,924 | ---- | C] ( ) -- C:\Documents and Settings\Vasyl\Moje dokumenty\sr2_polish.exe [2012-07-14 22:01:53 | 000,013,324 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy Dokument sformatowany (2).rtf [2012-07-13 19:49:54 | 000,040,581 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\2489084240.jpeg [2012-07-13 13:55:28 | 000,040,581 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\o06w03.jpg [2012-07-13 12:10:52 | 000,123,070 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3.CDR [2012-07-13 11:54:30 | 000,021,391 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Nowy OpenDocument Dokument tekstowy (2).odt [2012-07-12 23:01:26 | 000,034,496 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\Three_Stooges_The_2012_(NAPISY-121380).NS.zip [2012-07-12 15:09:25 | 000,021,589 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\21a.odt [2012-07-12 13:41:31 | 002,761,431 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\proj_Kar_cu3_wizual.pdf [2012-07-11 11:43:43 | 000,016,112 | ---- | C] () -- C:\Documents and Settings\Vasyl\Pulpit\sciaga-39829.rtf [2012-07-10 15:56:50 | 000,034,894 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy0gf1pl.jpg [2012-07-10 12:07:37 | 000,178,820 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\476naszczesciepodkowast.png [2012-07-10 12:07:33 | 000,032,328 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\bigkolbbialy01pl.jpg [2012-07-09 17:24:55 | 000,051,259 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\dekoracje_15.jpg [2012-07-09 17:13:43 | 000,110,708 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\skanuj0002.jpg [2012-07-08 16:21:41 | 004,219,090 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\czytania.pdf [2012-07-07 19:54:09 | 000,028,115 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_4.jpg [2012-07-07 19:54:06 | 000,049,203 | ---- | C] () -- C:\Documents and Settings\Vasyl\Moje dokumenty\ring_4_-_3.jpg [2012-06-04 20:16:21 | 000,001,409 | ---- | C] () -- C:\windows\System32\settings.dll [2012-01-04 21:21:12 | 000,000,032 | ---- | C] () -- C:\windows\System32\nvapicom.dat.dll [2012-01-04 07:13:22 | 003,158,016 | ---- | C] () -- C:\windows\System32\calcsvr.exe [2012-01-04 07:07:40 | 001,094,144 | ---- | C] () -- C:\windows\System32\ssdpx86.dll [2011-11-22 18:55:38 | 000,000,078 | ---- | C] () -- C:\windows\niepal.INI [2011-11-02 20:08:18 | 000,034,872 | ---- | C] () -- C:\windows\scunin.dat [2011-07-03 14:40:15 | 000,000,008 | ---- | C] () -- C:\windows\System32\nvModes.dat [2011-06-19 14:48:50 | 000,073,216 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011-05-15 18:40:41 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat [2011-04-19 23:10:32 | 000,059,904 | ---- | C] () -- C:\windows\System32\OVDecode.dll [2011-04-06 01:26:13 | 000,000,204 | ---- | C] () -- C:\windows\System32\secustat.dat [2011-04-06 01:26:05 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI [2010-09-14 23:49:41 | 000,009,879 | ---- | C] () -- C:\windows\System32\mswyneore.dll [2010-09-12 04:30:02 | 000,151,552 | ---- | C] () -- C:\windows\System32\mssyceord.dll [2009-09-26 11:25:52 | 000,069,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-06-05 18:45:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Vasyl\.gtk-bookmarks [2009-06-05 18:43:56 | 000,159,745 | ---- | C] () -- C:\Documents and Settings\Vasyl\.fonts.cache-1 [2009-02-01 21:42:29 | 000,128,512 | ---- | C] () -- C:\Documents and Settings\Vasyl\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:DFC5A2B2 @Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:667565EE @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:8303F807 @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:430C6D84 < End of report >[/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.