Forum komputerowe PC Town :: Zobacz temat - Bardzo proszę o analizę loga z Hijackthis

Forum PC Town

Strona Główna

FAQ

Szukaj

Użytkownicy

Grupy

Rejestracja

Zaloguj

Forum komputerowe PC Town Strona Główna » Kompiradło » Bezpieczeństwo w sieci » Analiza logów » Bardzo proszę o analizę loga z Hijackthis - help

Poprzedni temat :: Następny temat

Bardzo proszę o analizę loga z Hijackthis - help

Autor

Wiadomość

lordbarth

Wysłany: 2010-03-04, 19:30

Próbowałem nainstalować windę z innej płyty ale na samym początku wyskoczył błąd że nie można skopiować pliku a8n3mljo.sys i pytanie czy pominąć plik, próbować ponownie czy zakończyć instalację - próbowałem ponownie ale nic, nie wiem na ile ważny to plik bo nie mogę o nim nic znaleźć w sieci Nie wiem co w takiej sytuacji robić. Płyta ok - dopiero co z niej instalowałem windę na innym kompie.

@Blade@

Pomógł: 8 razy

Wysłany: 2010-03-04, 20:05

No to daj pomiń.
_________________

lordbarth

Wysłany: 2010-03-04, 20:22

Niestety nie powiodło się, po chwili napisał na czarnym tle "brak pliku..... " - nie można kontynuować instalacji i tyle

ExeQtoR

Moderator

Pomógł: 36 razy
Skąd: K.P.

Wysłany: 2010-03-04, 20:34

masz płytę czyszczącą ? albo możesz rozebrać CD-rom mi takie coś wyskakiwało... przeczyściłem laser płytkę delikatnie przetarłem i poszło )
_________________ Moderatora grzecznie się słuchamy, nie spamujemy, nie bluzgamy...

lordbarth

Wysłany: 2010-03-08, 18:01

Więc tak - wrzuciłem inną kopię, nainstalowałem windę od nowa i tu porażka - przedtem był home a teraz mam drugi - profesional, tyle że nic nie śmiga bo brak do więksozści urzadzeń sterowników - wkurzyłem sie i zainstaluję wszystko od nowa, skombinowałem duzy dysk, zrzuciłem tam wszystko co ważne ale zanim zrobię reinstal to proszę jeszcze o sprawdzenie loga z kompa z podpiętymi dyskami, bo obawiam się że na nich może być co nieco syfu - niby wczesniej przejechałem je mailwarebytesem ale coś tam nie mógł i tak usunąć. Proszę więc jeszcze raz o analizę i ewentualną pomoc w oczyszczeniu tych pamięci, a sam komp zrobię i tak od nowa. OTL logfile created on: 2010-03-08 21:24:23 - Run 1 OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 \| Country: Polska \| Language: PLK \| Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory \| 377,00 Mb Available Physical Memory \| 75,00% Memory free 1,00 Gb Paging File \| 1,00 Gb Available in Paging File \| 95,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 74,53 Gb Total Space \| 46,67 Gb Free Space \| 62,62% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded Drive E: \| 183,60 Gb Total Space \| 85,25 Gb Free Space \| 46,43% Space Free \| Partition Type: NTFS Drive F: \| 49,27 Gb Total Space \| 6,01 Gb Free Space \| 12,21% Space Free \| Partition Type: FAT32 Drive G: \| 3,76 Gb Total Space \| 1,72 Gb Free Space \| 45,83% Space Free \| Partition Type: FAT32 Drive H: \| 122,51 Mb Total Space \| 122,51 Mb Free Space \| 100,00% Space Free \| Partition Type: FAT32 I: Drive not present or media not loaded Computer Name: GADŻET Current User Name: Administrator Logged in as Administrator. Current Boot Mode: SafeMode Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2008-04-14 18:21:16 \| 001,035,264 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-02-07 16:35:58 \| 000,163,840 \| ---- \| M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe ========== Modules (SafeList) ========== MOD - [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe MOD - [2008-04-14 18:20:35 \| 000,586,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2008-04-14 18:20:34 \| 000,019,968 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll ========== Win32 Services (SafeList) ========== SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [On_Demand \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [On_Demand \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [Auto \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-02-10 15:33:16 \| 000,194,032 \| ---- \| M] (Google) [Auto \| Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2010-02-10 14:35:52 \| 000,135,664 \| ---- \| M] (Google Inc.) [Auto \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2006-05-25 17:30:16 \| 000,114,688 \| ---- \| M] (TOSHIBA Corporation) [Auto \| Stopped] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv) SRV - [2005-11-28 11:31:32 \| 000,540,745 \| ---- \| M] (Intel Corporation ) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 11:29:00 \| 000,114,753 \| ---- \| M] (Intel Corporation) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 11:28:14 \| 000,217,164 \| ---- \| M] (Intel Corporation) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-18 00:38:38 \| 000,040,960 \| ---- \| M] (TOSHIBA CORPORATION) [Auto \| Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004-07-15 00:49:26 \| 000,032,768 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state) SRV - [2003-07-28 19:28:22 \| 000,089,136 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010-02-11 19:42:34 \| 000,046,672 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-02-11 19:42:13 \| 000,162,512 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2010-02-11 19:39:01 \| 000,023,376 \| ---- \| M] (ALWIL Software) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-02-11 19:38:34 \| 000,100,432 \| ---- \| M] (ALWIL Software) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-02-11 19:38:23 \| 000,019,024 \| ---- \| M] (ALWIL Software) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-02-11 19:38:07 \| 000,028,880 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) [Kernel \| Boot \| Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| M] (Meetinghouse Data Communications) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x) DRV - [2008-11-20 20:19:06 \| 000,043,872 \| ---- \| M] (Sonic Solutions) [Kernel \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-04-13 17:36:05 \| 000,144,384 \| ---- \| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-04-25 08:01:48 \| 000,043,776 \| ---- \| M] (TOSHIBA Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2006-04-25 01:00:46 \| 000,083,584 \| ---- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-04-18 14:12:00 \| 000,098,816 \| ---- \| M] (TOSHIBA Corporation) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf) DRV - [2006-04-18 00:31:26 \| 004,262,912 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-03-23 17:59:36 \| 000,037,888 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR) DRV - [2006-03-23 17:59:32 \| 000,074,752 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR) DRV - [2006-03-23 17:59:28 \| 000,061,056 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR) DRV - [2006-03-18 15:36:42 \| 001,155,584 \| R--- \| M] (Agere Systems) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-03-02 17:49:50 \| 000,015,360 \| ---- \| M] (TOSHIBA Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006-02-07 17:04:34 \| 001,399,615 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm) DRV - [2006-01-05 15:31:20 \| 000,011,264 \| ---- \| M] (TOSHIBA ) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2005-12-05 09:55:30 \| 001,428,096 \| ---- \| M] (Intel® Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-28 12:09:26 \| 000,013,568 \| ---- \| M] (Intel Corporation) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2004-11-16 00:22:08 \| 000,101,874 \| ---- \| M] (Alps Electric Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2004-08-04 11:00:00 \| 000,017,792 \| ---- \| M] (Parallel Technologies, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2003-09-19 00:47:00 \| 000,010,368 \| ---- \| M] (Padus, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-10 22:36:54 \| 000,021,060 \| ---- \| M] (InterVideo, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 22:35:00 \| 000,012,032 \| ---- \| M] (TOSHIBA Corporation.) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\S-1-5-21-3441589714-2377351355-1460125659-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-08 21:16:42 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-19 15:41:48 \| 000,000,000 \| ---D \| M] [2010-03-08 21:16:59 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2010-03-08 21:16:59 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9z8nqkak.default\extensions [2010-02-10 15:46:36 \| 000,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009-12-22 04:48:34 \| 000,002,767 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-22 04:48:34 \| 000,001,406 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-12-22 04:48:34 \| 000,000,917 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-22 04:48:34 \| 000,000,858 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-22 04:48:34 \| 000,001,183 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-22 04:48:34 \| 000,001,683 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-03-01 20:28:10 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe () O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA) O4 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500..\Run: [swg] File not found O4 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\Michał\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.134.128.19 213.134.128.20 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-06-07 17:05:15 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-03-05 07:45:34 \| 000,000,708 \| ---- \| M] () - G:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010-02-27 17:46:36 \| 000,000,000 \| ---D \| M] - H:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk ) - File not found O35 - comfile [open] -- "%1" % O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-03-08 21:16:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-03-08 21:16:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla [2010-03-08 17:51:04 \| 000,549,888 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-03-06 19:24:36 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS.0 [2010-03-06 18:46:44 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Connect 2 [2010-03-05 12:16:05 \| 000,293,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-03-04 21:19:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Doctor [2010-03-04 20:15:09 \| 000,000,000 \| ---D \| C] -- C:\$WIN_NT$.~BT [2010-03-02 21:10:11 \| 000,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-02 21:10:09 \| 000,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-02 21:10:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-03-02 21:10:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-03-02 20:58:19 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Recent [2010-03-02 20:58:19 \| 000,000,000 \| -HSD \| C] -- C:\RECYCLER [2010-03-02 20:57:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\CCleaner [2010-03-02 20:52:54 \| 003,370,400 \| ---- \| C] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Pulpit\ccsetup228.exe [2010-03-01 20:25:25 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\temp [2010-02-28 15:38:45 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ERDNT [2010-02-28 09:38:03 \| 001,830,424 \| ---- \| C] (Smallfrogs Studio) -- C:\Documents and Settings\Administrator\Pulpit\SREngLdr.EXE [2010-02-28 09:38:03 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Upload [2010-02-27 20:07:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\DoctorWeb [2010-02-27 20:01:16 \| 005,115,824 \| ---- \| C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe [2010-02-27 19:59:21 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\autorun.inf [2010-02-27 14:54:23 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Administrator\IETldCache [2010-02-27 14:53:38 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2010-02-27 14:53:38 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\SendTo [2010-02-27 14:53:38 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Ulubione [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Menu Start [2010-02-27 14:53:38 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Administrator\Cookies [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\Szablony [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\PrintHood [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\WINDOWS [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Nethood [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Intel [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Application Data [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{3248F0A6-6813-11D6-A77B-00B0D0150060} [2010-02-21 16:47:11 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-21 16:46:55 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2010-02-21 16:12:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\l2schemas [2010-02-21 16:12:42 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\pl [2010-02-21 16:12:42 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\bits [2010-02-21 16:06:05 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\network diagnostic [2010-02-21 16:01:30 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-02-21 16:01:28 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\EHome [2010-02-13 08:20:00 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2010-02-13 08:19:16 \| 001,985,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-02-13 08:19:16 \| 000,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-02-13 08:19:16 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-02-13 08:19:15 \| 011,070,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-02-13 08:18:51 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WBEM [2010-02-13 08:17:37 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2010-02-13 08:17:37 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\pl-PL [2010-02-13 07:47:20 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Temp [2010-02-12 21:28:12 \| 000,025,471 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010-02-12 21:28:12 \| 000,022,271 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010-02-12 21:28:12 \| 000,011,935 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010-02-12 21:28:12 \| 000,011,871 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010-02-12 21:28:12 \| 000,011,807 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010-02-12 21:28:12 \| 000,011,295 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010-02-12 21:28:07 \| 000,095,424 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010-02-12 21:28:07 \| 000,013,240 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010-02-12 21:28:06 \| 000,404,990 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010-02-12 21:28:06 \| 000,166,912 \| ---- \| C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010-02-12 21:28:06 \| 000,129,535 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010-02-12 21:28:05 \| 000,013,776 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010-02-12 21:28:04 \| 001,897,408 \| ---- \| C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2010-02-12 21:28:04 \| 000,180,360 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010-02-12 21:28:03 \| 001,309,184 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010-02-12 21:28:03 \| 000,452,736 \| ---- \| C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010-02-12 21:28:03 \| 000,126,686 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010-02-12 21:28:00 \| 000,011,868 \| ---- \| C] (Conexant) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys [2010-02-12 21:27:49 \| 001,041,536 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [2010-02-12 21:27:49 \| 000,685,056 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [2010-02-12 21:27:49 \| 000,220,032 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [2010-02-12 21:26:10 \| 000,073,216 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010-02-12 21:26:10 \| 000,063,488 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010-02-12 21:26:10 \| 000,031,744 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010-02-12 21:26:10 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010-02-12 21:26:09 \| 000,701,440 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2010-02-12 21:26:09 \| 000,327,040 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010-02-12 21:26:09 \| 000,104,960 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010-02-12 21:26:09 \| 000,063,663 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010-02-12 21:26:09 \| 000,057,856 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010-02-12 21:26:09 \| 000,056,623 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010-02-12 21:26:09 \| 000,052,224 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010-02-12 21:26:09 \| 000,036,463 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010-02-12 21:26:09 \| 000,034,735 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010-02-12 21:26:09 \| 000,030,671 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010-02-12 21:26:09 \| 000,029,455 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010-02-12 21:26:09 \| 000,028,672 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010-02-12 21:26:09 \| 000,026,367 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010-02-12 21:26:09 \| 000,021,343 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010-02-12 21:26:09 \| 000,014,336 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010-02-12 21:26:09 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010-02-12 21:26:09 \| 000,012,047 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010-02-12 21:26:09 \| 000,011,615 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010-02-10 22:33:31 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-02-10 22:33:31 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-02-10 22:33:31 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-10 16:27:20 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ServicePackFiles [2010-02-10 16:26:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSXML 4.0 [2010-02-10 16:23:25 \| 000,017,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2010-02-10 16:22:30 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\DESIGNER [2010-02-10 16:22:13 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SHELLNEW [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2010-02-10 16:12:08 \| 000,000,000 \| ---D \| C] -- C:\Program Files\DAEMON Tools Lite [2010-02-10 16:11:49 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-10 16:10:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\GRETECH [2010-02-10 16:08:18 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\pss [2010-02-10 16:01:51 \| 000,038,848 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-02-10 15:51:44 \| 000,839,680 \| ---- \| C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2010-02-10 15:51:44 \| 000,118,784 \| ---- \| C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2010-02-10 15:51:43 \| 000,217,088 \| ---- \| C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2010-02-10 15:51:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\K-Lite Codec Pack [2010-02-10 15:47:51 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-02-10 15:46:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2010-02-10 15:07:12 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010-02-10 15:07:12 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010-02-10 15:06:57 \| 000,273,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010-02-10 15:06:03 \| 000,353,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010-02-10 15:04:46 \| 000,471,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010-02-10 14:55:55 \| 000,203,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2010-02-10 14:55:31 \| 002,190,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010-02-10 14:55:30 \| 000,732,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010-02-10 14:55:29 \| 002,146,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010-02-10 14:55:28 \| 002,025,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010-02-10 14:54:05 \| 000,455,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010-02-10 14:53:51 \| 000,331,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2010-02-10 14:53:25 \| 000,691,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010-02-10 14:46:34 \| 000,019,024 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-02-10 14:46:33 \| 000,162,512 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-02-10 14:46:31 \| 000,023,376 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-02-10 14:46:28 \| 000,046,672 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-02-10 14:46:26 \| 000,100,432 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-02-10 14:46:26 \| 000,094,800 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-02-10 14:46:25 \| 000,028,880 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-02-10 14:45:16 \| 000,337,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010-02-10 14:45:02 \| 000,153,184 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-02-10 14:44:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2010-02-10 14:44:33 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-02-10 14:43:20 \| 002,066,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll [2010-02-10 14:41:04 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-10 14:38:30 \| 001,172,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010-02-10 14:36:57 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-10 14:35:01 \| 000,009,200 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-02-10 14:35:01 \| 000,009,072 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-02-10 14:35:00 \| 000,072,176 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-02-10 14:34:59 \| 000,543,216 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-02-10 14:34:58 \| 000,088,560 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-02-10 14:34:57 \| 000,379,376 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-02-10 14:34:54 \| 000,186,864 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-02-10 14:34:52 \| 000,588,272 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-02-10 14:34:46 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\IOSUBSYS [2010-02-10 14:31:43 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google Updater [2010-02-10 14:31:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Google [2010-02-10 14:30:46 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\PreInstall [2010-02-10 14:30:45 \| 000,018,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010-02-10 14:24:42 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-02-10 14:24:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2010-02-10 14:19:00 \| 000,012,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2010-02-10 14:18:54 \| 000,010,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2010-02-10 14:18:49 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\SoftwareDistribution [2010-02-10 14:18:35 \| 000,026,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2010-02-10 14:14:55 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\Uninstall Information [2010-02-10 14:13:26 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ltmoh [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| C] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys [2010-02-10 14:12:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Intel [1 C:\WINDOWS\System32\.tmp files C:\WINDOWS\System32\.tmp ] [1 C:\WINDOWS\.tmp files C:\WINDOWS\.tmp ] ========== Files - Modified Within 30 Days ========== [2010-03-08 21:16:22 \| 000,786,432 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-03-08 21:14:10 \| 000,001,158 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-08 21:14:02 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2010-03-07 17:41:27 \| 000,000,188 \| -HS- \| M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-03-07 17:41:21 \| 001,930,896 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-07 00:13:37 \| 000,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-06 22:46:05 \| 000,001,036 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-03-06 22:45:54 \| 000,000,972 \| ---- \| M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-03-06 22:45:39 \| 000,001,032 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-03-06 18:36:44 \| 000,000,325 \| -HS- \| M] () -- C:\boot.ini [2010-03-05 12:25:30 \| 000,001,537 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Gwarancja firmy Toshiba.lnk [2010-03-02 21:10:13 \| 000,000,696 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-02 20:58:58 \| 000,032,976 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\cc_20100302_205845.reg [2010-03-02 20:57:37 \| 000,001,548 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk [2010-03-02 20:48:22 \| 000,122,928 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-02 20:13:06 \| 003,370,400 \| ---- \| M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Pulpit\ccsetup228.exe [2010-03-01 20:28:36 \| 000,000,227 \| ---- \| M] () -- C:\WINDOWS\system.ini [2010-03-01 20:28:10 \| 000,000,027 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-02-27 23:31:12 \| 000,001,977 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\DrWeb.csv [2010-02-27 22:06:48 \| 000,000,077 \| ---- \| M] () -- C:\WINDOWS\System32\tmp.files0 [2010-02-27 17:35:58 \| 032,270,296 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2010-02-27 16:28:52 \| 005,115,824 \| ---- \| M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe [2010-02-27 16:20:34 \| 000,684,619 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\sreng2.zip [2010-02-27 16:19:52 \| 000,132,597 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Flash_Disinfector.exe [2010-02-27 16:19:02 \| 000,284,915 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\gmer.zip [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-02-25 22:44:30 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\ToDisc.INI [2010-02-21 16:48:37 \| 000,946,272 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-02-21 16:48:37 \| 000,436,560 \| ---- \| M] () -- C:\WINDOWS\System32\perfh015.dat [2010-02-21 16:48:37 \| 000,380,684 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2010-02-21 16:48:37 \| 000,067,496 \| ---- \| M] () -- C:\WINDOWS\System32\perfc015.dat [2010-02-21 16:48:37 \| 000,053,098 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2010-02-21 16:47:21 \| 000,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2010-02-21 10:55:20 \| 000,001,624 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Microsoft Office OneNote 2003.lnk [2010-02-13 07:50:30 \| 000,001,915 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-12 20:55:18 \| 000,002,645 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-02-12 11:03:03 \| 000,293,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-02-11 19:53:57 \| 000,038,848 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-02-11 19:53:36 \| 000,153,184 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-02-11 19:42:34 \| 000,046,672 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-02-11 19:42:13 \| 000,162,512 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-02-11 19:39:01 \| 000,023,376 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-02-11 19:38:34 \| 000,100,432 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-02-11 19:38:31 \| 000,094,800 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-02-11 19:38:23 \| 000,019,024 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-02-11 19:38:07 \| 000,028,880 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-02-10 16:23:30 \| 000,000,421 \| ---- \| M] () -- C:\WINDOWS\ODBC.INI [2010-02-10 16:12:26 \| 000,001,613 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2010-02-10 16:10:31 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\nsreg.dat [2010-02-10 16:10:22 \| 000,000,762 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk [2010-02-10 16:09:04 \| 000,000,477 \| ---- \| M] () -- C:\WINDOWS\win.ini [2010-02-10 16:09:04 \| 000,000,211 \| -HS- \| M] () -- C:\BOOT.BAK [2010-02-10 15:47:05 \| 000,001,602 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-02-10 14:24:48 \| 000,001,729 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-02-10 14:14:50 \| 000,000,000 \| RHS- \| M] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite A110_04440-PL_PSAB0E-00G00.MRK [2010-02-10 14:13:30 \| 000,000,332 \| ---- \| M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-02-10 14:13:28 \| 000,262,144 \| ---- \| M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys [2010-02-10 14:07:59 \| 000,008,192 \| ---- \| M] () -- C:\WINDOWS\REGLOCS.OLD [1 C:\WINDOWS\System32\.tmp files C:\WINDOWS\System32\.tmp ] [1 C:\WINDOWS\.tmp files C:\WINDOWS\.tmp ] ========== Files Created - No Company Name ========== [2010-03-04 20:15:34 \| 000,000,211 \| -HS- \| C] () -- C:\BOOT.BAK [2010-03-04 20:15:24 \| 000,441,363 \| R--- \| C] () -- C:\txtsetup.sif [2010-03-04 20:15:24 \| 000,262,416 \| R--- \| C] () -- C:\$LDR$ [2010-03-02 21:10:13 \| 000,000,696 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-02 20:58:54 \| 000,032,976 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\cc_20100302_205845.reg [2010-03-02 20:57:36 \| 000,001,548 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk [2010-02-28 15:38:50 \| 000,261,632 \| ---- \| C] () -- C:\WINDOWS\PEV.exe [2010-02-28 15:38:50 \| 000,077,312 \| ---- \| C] () -- C:\WINDOWS\MBR.exe [2010-02-27 23:31:12 \| 000,001,977 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\DrWeb.csv [2010-02-27 22:06:48 \| 000,000,077 \| ---- \| C] () -- C:\WINDOWS\System32\tmp.files0 [2010-02-27 20:02:37 \| 000,284,915 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\gmer.zip [2010-02-27 20:01:41 \| 000,684,619 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\sreng2.zip [2010-02-27 20:00:48 \| 000,132,597 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Flash_Disinfector.exe [2010-02-27 19:59:59 \| 032,270,296 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2010-02-27 14:53:39 \| 000,000,135 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-02-27 14:53:38 \| 000,000,188 \| -HS- \| C] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-02-27 14:53:37 \| 000,786,432 \| -H-- \| C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-02-27 08:03:13 \| 000,000,012 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\pdytbs.dat [2010-02-25 22:44:30 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ToDisc.INI [2010-02-13 07:50:30 \| 000,001,915 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-12 21:28:03 \| 000,067,866 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010-02-12 21:27:31 \| 000,129,045 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-02-12 21:26:10 \| 000,064,352 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-02-10 16:12:26 \| 000,001,613 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-02-10 16:11:19 \| 000,178,176 \| ---- \| C] () -- C:\WINDOWS\System32\unrar.dll [2010-02-10 16:11:19 \| 000,000,038 \| ---- \| C] () -- C:\WINDOWS\avisplitter.ini [2010-02-10 16:10:31 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010-02-10 16:10:22 \| 000,000,762 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk [2010-02-10 15:51:44 \| 000,000,414 \| ---- \| C] () -- C:\WINDOWS\System32\lame_acm.xml [2010-02-10 15:51:42 \| 000,881,664 \| ---- \| C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-10 15:51:42 \| 000,205,824 \| ---- \| C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-10 15:51:36 \| 000,000,547 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-02-10 15:51:34 \| 000,085,504 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-02-10 15:47:04 \| 000,001,602 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-02-10 14:36:44 \| 000,001,036 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-02-10 14:36:42 \| 000,001,032 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-02-10 14:31:42 \| 000,000,972 \| ---- \| C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-02-10 14:24:48 \| 000,001,729 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-02-10 14:14:50 \| 000,000,000 \| RHS- \| C] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite A110_04440-PL_PSAB0E-00G00.MRK [2010-02-10 14:14:49 \| 003,072,054 \| ---- \| C] () -- C:\WINDOWS\TOSHIBA SATELLITE.bmp [2010-02-10 14:13:28 \| 000,262,144 \| ---- \| C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-02-10 14:07:59 \| 000,008,192 \| ---- \| C] () -- C:\WINDOWS\REGLOCS.OLD [2006-06-08 10:58:25 \| 000,000,061 \| ---- \| C] () -- C:\WINDOWS\smscfg.ini [2006-06-08 10:10:06 \| 000,000,421 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2006-06-08 09:13:05 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\NDSTray.INI [2006-06-08 09:12:36 \| 000,204,800 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-06-08 09:12:36 \| 000,200,704 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-06-08 09:12:36 \| 000,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-06-08 09:12:36 \| 000,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-06-08 09:12:36 \| 000,188,416 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-06-08 09:12:36 \| 000,020,480 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-06-08 09:09:14 \| 000,036,736 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2006-06-08 09:09:14 \| 000,029,184 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2006-06-08 08:48:31 \| 000,032,768 \| ---- \| C] () -- C:\WINDOWS\System32\EBLib.DLL [2006-06-08 08:43:47 \| 000,128,113 \| ---- \| C] () -- C:\WINDOWS\System32\csellang.ini [2006-06-08 08:43:47 \| 000,045,056 \| ---- \| C] () -- C:\WINDOWS\System32\csellang.dll [2006-06-08 08:43:47 \| 000,010,147 \| ---- \| C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-06-08 08:43:47 \| 000,007,671 \| ---- \| C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-06-08 08:33:06 \| 000,356,352 \| ---- \| C] () -- C:\WINDOWS\EMCRI.dll [2006-06-08 08:27:32 \| 000,135,168 \| ---- \| C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-06-07 16:52:59 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-06-07 16:52:59 \| 000,000,083 \| ---- \| C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006-01-05 17:49:34 \| 000,036,864 \| ---- \| C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll [2006-01-05 16:36:22 \| 000,024,576 \| ---- \| C] () -- C:\WINDOWS\System32\EKECioCtl.dll [2006-01-04 09:59:52 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005-12-09 13:36:30 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2005-11-23 12:55:42 \| 000,024,576 \| ---- \| C] () -- C:\WINDOWS\System32\SPCtl.dll < End of report > [2010-03-08 21:16:22 \| 000,786,432 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-03-07 17:41:27 \| 000,000,188 \| -HS- \| M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-03-07 17:41:21 \| 001,930,896 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-07 00:13:37 \| 000,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-06 22:46:05 \| 000,001,036 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-03-06 22:45:54 \| 000,000,972 \| ---- \| M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-03-06 22:45:39 \| 000,001,032 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-03-05 12:25:30 \| 000,001,537 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Gwarancja firmy Toshiba.lnk [2010-03-02 21:10:13 \| 000,000,696 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-02 20:58:58 \| 000,032,976 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\cc_20100302_205845.reg [2010-03-02 20:57:37 \| 000,001,548 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk [2010-03-02 20:13:06 \| 003,370,400 \| ---- \| M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Pulpit\ccsetup228.exe [2010-02-27 23:31:12 \| 000,001,977 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\DrWeb.csv [2010-02-27 17:35:58 \| 032,270,296 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2010-02-27 16:28:52 \| 005,115,824 \| ---- \| M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe [2010-02-27 16:20:34 \| 000,684,619 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\sreng2.zip [2010-02-27 16:19:52 \| 000,132,597 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Flash_Disinfector.exe [2010-02-27 16:19:02 \| 000,284,915 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\gmer.zip [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-02-21 16:47:21 \| 000,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2010-02-21 10:55:20 \| 000,001,624 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Microsoft Office OneNote 2003.lnk [2010-02-13 07:50:30 \| 000,001,915 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-10 16:12:26 \| 000,001,613 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-02-10 16:10:22 \| 000,000,762 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk [2010-02-10 15:47:05 \| 000,001,602 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-02-10 14:24:48 \| 000,001,729 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-02-10 14:13:28 \| 000,262,144 \| ---- \| M] () -- C:\Documents and Settings\All Users\NTUSER.DAT < End of report >

@Blade@

Pomógł: 8 razy

Wysłany: 2010-03-08, 21:57

To podaj raport z tamtego skanu Malwarebytes, bo akurat OTL pokazuje tylko partycję systemową, więc trudno określić czy coś na innych jest.

Uruchom OTL

w oknie Custom Scans/Fixes wklej:

Cytat:

:OTL
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500..\Run: [swg] File not found

:Files
C:\Documents and Settings\LocalService\Dane aplikacji\pdytbs.dat
C:\WINDOWS\System32\tmp.files0
C:\Documents and Settings\Michał\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk

:Commands
[emptytemp]

Klikasz Run Fix. Dajesz log z usuwania + nowy log z OTL

_________________

lordbarth

Wysłany: 2010-03-08, 23:05

Wszystko jest zainstalowane na jednej partycji - reszta to dwie partycje dysku wymiennego i dwie pamięci przenośne - podpiąłem wszystko na wszelki wypadek. Zrobiłem malwarem... potem naprawę otlem - poniżej wszystkie trzy: Malwarebytes' Anti-Malware 1.44 Database version: 3510 Windows 5.1.2600 Dodatek Service Pack 3 (Safe Mode) Internet Explorer 8.0.6001.18702 2010-03-09 00:05:40 mbam-log-2010-03-09 (00-05-40).txt Scan type: Full Scan (C:\\|E:\\|F:\\|G:\\|) Objects scanned: 225009 Time elapsed: 1 hour(s), 9 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TFncKy deleted successfully. Registry value HKEY_USERS\S-1-5-21-3441589714-2377351355-1460125659-500\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully. ========== FILES ========== C:\Documents and Settings\LocalService\Dane aplikacji\pdytbs.dat moved successfully. C:\WINDOWS\System32\tmp.files0 moved successfully. C:\Documents and Settings\Michał\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 3272836 bytes User: All Users User: All Users.WINDOWS.0 User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: Default User.WINDOWS.0 ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Gadżet ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 493376 bytes User: Intel User: LocalService ->Temp folder emptied: 82513 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: LocalService.ZARZĄDZANIE NT ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Michał ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 61759939 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService.ZARZĄDZANIE NT ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 19569 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 63,00 mb OTL by OldTimer - Version 3.1.30.3 log created on 03092010_020752 Files\Folders moved on Reboot... Registry entries deleted on Reboot... OTL logfile created on: 2010-03-09 02:25:59 - Run 2 OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 \| Country: Polska \| Language: PLK \| Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory \| 390,00 Mb Available Physical Memory \| 78,00% Memory free 1,00 Gb Paging File \| 1,00 Gb Available in Paging File \| 95,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 74,53 Gb Total Space \| 46,68 Gb Free Space \| 62,64% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: \| 183,60 Gb Total Space \| 85,25 Gb Free Space \| 46,43% Space Free \| Partition Type: NTFS Drive G: \| 3,76 Gb Total Space \| 1,72 Gb Free Space \| 45,83% Space Free \| Partition Type: FAT32 Drive H: \| 122,51 Mb Total Space \| 122,40 Mb Free Space \| 99,91% Space Free \| Partition Type: FAT32 Drive I: \| 49,27 Gb Total Space \| 6,01 Gb Free Space \| 12,21% Space Free \| Partition Type: FAT32 Computer Name: GADŻET Current User Name: Administrator Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2008-04-14 18:21:16 \| 001,035,264 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [On_Demand \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [On_Demand \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-02-11 19:53:39 \| 000,040,384 \| ---- \| M] (ALWIL Software) [Auto \| Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-02-10 15:33:16 \| 000,194,032 \| ---- \| M] (Google) [Auto \| Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2010-02-10 14:35:52 \| 000,135,664 \| ---- \| M] (Google Inc.) [Auto \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2006-05-25 17:30:16 \| 000,114,688 \| ---- \| M] (TOSHIBA Corporation) [Auto \| Stopped] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv) SRV - [2005-11-28 11:31:32 \| 000,540,745 \| ---- \| M] (Intel Corporation ) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 11:29:00 \| 000,114,753 \| ---- \| M] (Intel Corporation) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 11:28:14 \| 000,217,164 \| ---- \| M] (Intel Corporation) [Auto \| Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-18 00:38:38 \| 000,040,960 \| ---- \| M] (TOSHIBA CORPORATION) [Auto \| Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004-07-15 00:49:26 \| 000,032,768 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state) SRV - [2003-07-28 19:28:22 \| 000,089,136 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010-02-11 19:42:34 \| 000,046,672 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-02-11 19:42:13 \| 000,162,512 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2010-02-11 19:39:01 \| 000,023,376 \| ---- \| M] (ALWIL Software) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-02-11 19:38:34 \| 000,100,432 \| ---- \| M] (ALWIL Software) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-02-11 19:38:23 \| 000,019,024 \| ---- \| M] (ALWIL Software) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-02-11 19:38:07 \| 000,028,880 \| ---- \| M] (ALWIL Software) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) [Kernel \| Boot \| Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| M] (Meetinghouse Data Communications) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x) DRV - [2008-11-20 20:19:06 \| 000,043,872 \| ---- \| M] (Sonic Solutions) [Kernel \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-04-13 17:36:05 \| 000,144,384 \| ---- \| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-04-25 08:01:48 \| 000,043,776 \| ---- \| M] (TOSHIBA Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2006-04-25 01:00:46 \| 000,083,584 \| ---- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-04-18 14:12:00 \| 000,098,816 \| ---- \| M] (TOSHIBA Corporation) [File_System \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf) DRV - [2006-04-18 00:31:26 \| 004,262,912 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-03-23 17:59:36 \| 000,037,888 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR) DRV - [2006-03-23 17:59:32 \| 000,074,752 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR) DRV - [2006-03-23 17:59:28 \| 000,061,056 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR) DRV - [2006-03-18 15:36:42 \| 001,155,584 \| R--- \| M] (Agere Systems) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-03-02 17:49:50 \| 000,015,360 \| ---- \| M] (TOSHIBA Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006-02-07 17:04:34 \| 001,399,615 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm) DRV - [2006-01-05 15:31:20 \| 000,011,264 \| ---- \| M] (TOSHIBA ) [Kernel \| System \| Stopped] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2005-12-05 09:55:30 \| 001,428,096 \| ---- \| M] (Intel® Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-28 12:09:26 \| 000,013,568 \| ---- \| M] (Intel Corporation) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2004-11-16 00:22:08 \| 000,101,874 \| ---- \| M] (Alps Electric Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2004-08-04 11:00:00 \| 000,017,792 \| ---- \| M] (Parallel Technologies, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2003-09-19 00:47:00 \| 000,010,368 \| ---- \| M] (Padus, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-10 22:36:54 \| 000,021,060 \| ---- \| M] (InterVideo, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 22:35:00 \| 000,012,032 \| ---- \| M] (TOSHIBA Corporation.) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\S-1-5-21-3441589714-2377351355-1460125659-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-08 21:16:42 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-19 15:41:48 \| 000,000,000 \| ---D \| M] [2010-03-08 21:16:59 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2010-03-08 21:16:59 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9z8nqkak.default\extensions [2010-02-10 15:46:36 \| 000,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009-12-22 04:48:34 \| 000,002,767 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-22 04:48:34 \| 000,001,406 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-12-22 04:48:34 \| 000,000,917 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-22 04:48:34 \| 000,000,858 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-22 04:48:34 \| 000,001,183 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-22 04:48:34 \| 000,001,683 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-03-01 20:28:10 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe () O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA) O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA) O4 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-3441589714-2377351355-1460125659-500_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.5.0_06) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.134.128.19 213.134.128.20 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-06-07 17:05:15 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-03-05 07:45:34 \| 000,000,708 \| ---- \| M] () - G:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010-02-27 17:46:36 \| 000,000,000 \| ---D \| M] - H:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk ) - File not found O35 - comfile [open] -- "%1" % O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-03-09 02:07:53 \| 000,000,000 \| ---D \| C] -- C:\_OTL [2010-03-08 22:41:53 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes [2010-03-08 21:16:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-03-08 21:16:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla [2010-03-08 17:51:04 \| 000,549,888 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-03-06 19:24:36 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS.0 [2010-03-06 18:46:44 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Connect 2 [2010-03-05 12:16:05 \| 000,293,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-03-04 21:19:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Doctor [2010-03-04 20:15:09 \| 000,000,000 \| ---D \| C] -- C:\$WIN_NT$.~BT [2010-03-02 21:10:11 \| 000,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-02 21:10:09 \| 000,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-02 21:10:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-03-02 21:10:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-03-02 20:58:19 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Recent [2010-03-02 20:58:19 \| 000,000,000 \| -HSD \| C] -- C:\RECYCLER [2010-03-02 20:57:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\CCleaner [2010-03-02 20:52:54 \| 003,370,400 \| ---- \| C] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Pulpit\ccsetup228.exe [2010-03-01 20:25:25 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\temp [2010-02-28 15:38:45 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ERDNT [2010-02-28 09:38:03 \| 001,830,424 \| ---- \| C] (Smallfrogs Studio) -- C:\Documents and Settings\Administrator\Pulpit\SREngLdr.EXE [2010-02-28 09:38:03 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\Upload [2010-02-27 20:07:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\DoctorWeb [2010-02-27 20:01:16 \| 005,115,824 \| ---- \| C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe [2010-02-27 19:59:21 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit\autorun.inf [2010-02-27 14:54:23 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Administrator\IETldCache [2010-02-27 14:53:38 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2010-02-27 14:53:38 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\SendTo [2010-02-27 14:53:38 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Ulubione [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka [2010-02-27 14:53:38 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Menu Start [2010-02-27 14:53:38 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\Administrator\Cookies [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\Szablony [2010-02-27 14:53:38 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\Administrator\PrintHood [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\WINDOWS [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\toshiba [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Pulpit [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Nethood [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Intel [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Identities [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Application Data [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2010-02-27 14:53:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{3248F0A6-6813-11D6-A77B-00B0D0150060} [2010-02-21 16:47:11 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-21 16:46:55 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2010-02-21 16:12:43 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\l2schemas [2010-02-21 16:12:42 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\pl [2010-02-21 16:12:42 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\bits [2010-02-21 16:06:05 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\network diagnostic [2010-02-21 16:01:30 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-02-21 16:01:28 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\EHome [2010-02-13 08:20:00 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2010-02-13 08:19:16 \| 001,985,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-02-13 08:19:16 \| 000,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-02-13 08:19:16 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-02-13 08:19:15 \| 011,070,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-02-13 08:18:51 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WBEM [2010-02-13 08:17:37 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2010-02-13 08:17:37 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\pl-PL [2010-02-13 07:47:20 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Temp [2010-02-12 21:28:12 \| 000,025,471 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010-02-12 21:28:12 \| 000,022,271 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010-02-12 21:28:12 \| 000,011,935 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010-02-12 21:28:12 \| 000,011,871 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010-02-12 21:28:12 \| 000,011,807 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010-02-12 21:28:12 \| 000,011,295 \| ---- \| C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010-02-12 21:28:07 \| 000,095,424 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010-02-12 21:28:07 \| 000,013,240 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010-02-12 21:28:06 \| 000,404,990 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010-02-12 21:28:06 \| 000,166,912 \| ---- \| C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010-02-12 21:28:06 \| 000,129,535 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010-02-12 21:28:05 \| 000,013,776 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010-02-12 21:28:04 \| 001,897,408 \| ---- \| C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2010-02-12 21:28:04 \| 000,180,360 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010-02-12 21:28:03 \| 001,309,184 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010-02-12 21:28:03 \| 000,452,736 \| ---- \| C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010-02-12 21:28:03 \| 000,126,686 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010-02-12 21:28:00 \| 000,011,868 \| ---- \| C] (Conexant) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys [2010-02-12 21:27:49 \| 001,041,536 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [2010-02-12 21:27:49 \| 000,685,056 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [2010-02-12 21:27:49 \| 000,220,032 \| ---- \| C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [2010-02-12 21:26:10 \| 000,073,216 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010-02-12 21:26:10 \| 000,063,488 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010-02-12 21:26:10 \| 000,031,744 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010-02-12 21:26:10 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010-02-12 21:26:09 \| 000,701,440 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2010-02-12 21:26:09 \| 000,327,040 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010-02-12 21:26:09 \| 000,104,960 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010-02-12 21:26:09 \| 000,063,663 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010-02-12 21:26:09 \| 000,057,856 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010-02-12 21:26:09 \| 000,056,623 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010-02-12 21:26:09 \| 000,052,224 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010-02-12 21:26:09 \| 000,036,463 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010-02-12 21:26:09 \| 000,034,735 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010-02-12 21:26:09 \| 000,030,671 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010-02-12 21:26:09 \| 000,029,455 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010-02-12 21:26:09 \| 000,028,672 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010-02-12 21:26:09 \| 000,026,367 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010-02-12 21:26:09 \| 000,021,343 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010-02-12 21:26:09 \| 000,014,336 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010-02-12 21:26:09 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010-02-12 21:26:09 \| 000,012,047 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010-02-12 21:26:09 \| 000,011,615 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010-02-10 22:33:31 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-02-10 22:33:31 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-02-10 22:33:31 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-02-10 16:27:20 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ServicePackFiles [2010-02-10 16:26:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSXML 4.0 [2010-02-10 16:23:25 \| 000,017,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2010-02-10 16:22:30 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\DESIGNER [2010-02-10 16:22:13 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SHELLNEW [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2010-02-10 16:12:08 \| 000,000,000 \| ---D \| C] -- C:\Program Files\DAEMON Tools Lite [2010-02-10 16:11:49 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-10 16:10:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\GRETECH [2010-02-10 16:08:18 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\pss [2010-02-10 16:01:51 \| 000,038,848 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-02-10 15:51:44 \| 000,839,680 \| ---- \| C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2010-02-10 15:51:44 \| 000,118,784 \| ---- \| C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2010-02-10 15:51:43 \| 000,217,088 \| ---- \| C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2010-02-10 15:51:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\K-Lite Codec Pack [2010-02-10 15:47:51 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-02-10 15:46:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2010-02-10 15:07:12 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010-02-10 15:07:12 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010-02-10 15:06:57 \| 000,273,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010-02-10 15:06:03 \| 000,353,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010-02-10 15:04:46 \| 000,471,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010-02-10 14:55:55 \| 000,203,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2010-02-10 14:55:31 \| 002,190,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010-02-10 14:55:30 \| 000,732,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010-02-10 14:55:29 \| 002,146,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010-02-10 14:55:28 \| 002,025,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010-02-10 14:54:05 \| 000,455,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010-02-10 14:53:51 \| 000,331,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2010-02-10 14:53:25 \| 000,691,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010-02-10 14:46:34 \| 000,019,024 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-02-10 14:46:33 \| 000,162,512 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-02-10 14:46:31 \| 000,023,376 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-02-10 14:46:28 \| 000,046,672 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-02-10 14:46:26 \| 000,100,432 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-02-10 14:46:26 \| 000,094,800 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-02-10 14:46:25 \| 000,028,880 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-02-10 14:45:16 \| 000,337,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010-02-10 14:45:02 \| 000,153,184 \| ---- \| C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-02-10 14:44:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2010-02-10 14:44:33 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-02-10 14:43:20 \| 002,066,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll [2010-02-10 14:41:04 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-10 14:38:30 \| 001,172,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010-02-10 14:36:57 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-10 14:35:01 \| 000,009,200 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-02-10 14:35:01 \| 000,009,072 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-02-10 14:35:00 \| 000,072,176 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-02-10 14:34:59 \| 000,543,216 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-02-10 14:34:58 \| 000,088,560 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-02-10 14:34:57 \| 000,379,376 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-02-10 14:34:54 \| 000,186,864 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-02-10 14:34:52 \| 000,588,272 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-02-10 14:34:46 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\IOSUBSYS [2010-02-10 14:31:43 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google Updater [2010-02-10 14:31:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Google [2010-02-10 14:30:46 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\PreInstall [2010-02-10 14:30:45 \| 000,018,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010-02-10 14:24:42 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-02-10 14:24:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2010-02-10 14:19:00 \| 000,012,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2010-02-10 14:18:54 \| 000,010,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2010-02-10 14:18:49 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\SoftwareDistribution [2010-02-10 14:18:35 \| 000,026,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2010-02-10 14:14:55 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\Uninstall Information [2010-02-10 14:13:26 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ltmoh [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| C] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys [2010-02-10 14:12:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Dane aplikacji\Intel ========== Files - Modified Within 30 Days ========== [2010-03-09 02:23:02 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2010-03-09 02:10:02 \| 000,000,972 \| ---- \| M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-03-09 02:09:33 \| 000,001,032 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-03-09 02:09:31 \| 000,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-09 02:08:08 \| 000,000,188 \| -HS- \| M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-03-09 02:08:07 \| 000,786,432 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-03-08 21:14:10 \| 000,001,158 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-07 17:41:21 \| 001,930,896 \| -H-- \| M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-06 22:46:05 \| 000,001,036 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-03-06 18:36:44 \| 000,000,325 \| -HS- \| M] () -- C:\boot.ini [2010-03-05 12:25:30 \| 000,001,537 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Gwarancja firmy Toshiba.lnk [2010-03-02 21:10:13 \| 000,000,696 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-02 20:58:58 \| 000,032,976 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\cc_20100302_205845.reg [2010-03-02 20:57:37 \| 000,001,548 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk [2010-03-02 20:48:22 \| 000,122,928 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-02 20:13:06 \| 003,370,400 \| ---- \| M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Pulpit\ccsetup228.exe [2010-03-01 20:28:36 \| 000,000,227 \| ---- \| M] () -- C:\WINDOWS\system.ini [2010-03-01 20:28:10 \| 000,000,027 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-02-27 23:31:12 \| 000,001,977 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\DrWeb.csv [2010-02-27 17:35:58 \| 032,270,296 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2010-02-27 16:28:52 \| 005,115,824 \| ---- \| M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Pulpit\mbam-setup.exe [2010-02-27 16:20:34 \| 000,684,619 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\sreng2.zip [2010-02-27 16:19:52 \| 000,132,597 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\Flash_Disinfector.exe [2010-02-27 16:19:02 \| 000,284,915 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Pulpit\gmer.zip [2010-02-27 16:18:08 \| 000,549,888 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2010-02-25 22:44:30 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\ToDisc.INI [2010-02-21 16:48:37 \| 000,946,272 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-02-21 16:48:37 \| 000,436,560 \| ---- \| M] () -- C:\WINDOWS\System32\perfh015.dat [2010-02-21 16:48:37 \| 000,380,684 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2010-02-21 16:48:37 \| 000,067,496 \| ---- \| M] () -- C:\WINDOWS\System32\perfc015.dat [2010-02-21 16:48:37 \| 000,053,098 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2010-02-21 16:47:21 \| 000,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2010-02-21 10:55:20 \| 000,001,624 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Microsoft Office OneNote 2003.lnk [2010-02-13 07:50:30 \| 000,001,915 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-12 20:55:18 \| 000,002,645 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-02-12 11:03:03 \| 000,293,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-02-11 19:53:57 \| 000,038,848 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-02-11 19:53:36 \| 000,153,184 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-02-11 19:42:34 \| 000,046,672 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-02-11 19:42:13 \| 000,162,512 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-02-11 19:39:01 \| 000,023,376 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-02-11 19:38:34 \| 000,100,432 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-02-11 19:38:31 \| 000,094,800 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-02-11 19:38:23 \| 000,019,024 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-02-11 19:38:07 \| 000,028,880 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-02-10 16:23:30 \| 000,000,421 \| ---- \| M] () -- C:\WINDOWS\ODBC.INI [2010-02-10 16:12:26 \| 000,001,613 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-02-10 16:12:24 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2010-02-10 16:10:31 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\nsreg.dat [2010-02-10 16:10:22 \| 000,000,762 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk [2010-02-10 16:09:04 \| 000,000,477 \| ---- \| M] () -- C:\WINDOWS\win.ini [2010-02-10 16:09:04 \| 000,000,211 \| -HS- \| M] () -- C:\BOOT.BAK [2010-02-10 15:47:05 \| 000,001,602 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-02-10 14:24:48 \| 000,001,729 \| ---- \| M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-02-10 14:14:50 \| 000,000,000 \| RHS- \| M] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite A110_04440-PL_PSAB0E-00G00.MRK [2010-02-10 14:13:30 \| 000,000,332 \| ---- \| M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-02-10 14:13:28 \| 000,262,144 \| ---- \| M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-02-10 14:12:41 \| 000,021,275 \| ---- \| M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys [2010-02-10 14:07:59 \| 000,008,192 \| ---- \| M] () -- C:\WINDOWS\REGLOCS.OLD ========== Files Created - No Company Name ========== [2010-03-04 20:15:34 \| 000,000,211 \| -HS- \| C] () -- C:\BOOT.BAK [2010-03-04 20:15:24 \| 000,441,363 \| R--- \| C] () -- C:\txtsetup.sif [2010-03-04 20:15:24 \| 000,262,416 \| R--- \| C] () -- C:\$LDR$ [2010-03-02 21:10:13 \| 000,000,696 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-03-02 20:58:54 \| 000,032,976 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\cc_20100302_205845.reg [2010-03-02 20:57:36 \| 000,001,548 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk [2010-02-28 15:38:50 \| 000,261,632 \| ---- \| C] () -- C:\WINDOWS\PEV.exe [2010-02-28 15:38:50 \| 000,077,312 \| ---- \| C] () -- C:\WINDOWS\MBR.exe [2010-02-27 23:31:12 \| 000,001,977 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\DrWeb.csv [2010-02-27 20:02:37 \| 000,284,915 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\gmer.zip [2010-02-27 20:01:41 \| 000,684,619 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\sreng2.zip [2010-02-27 20:00:48 \| 000,132,597 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\Flash_Disinfector.exe [2010-02-27 19:59:59 \| 032,270,296 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2010-02-27 14:53:39 \| 000,000,135 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-02-27 14:53:38 \| 000,000,188 \| -HS- \| C] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-02-27 14:53:37 \| 000,786,432 \| -H-- \| C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-02-25 22:44:30 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ToDisc.INI [2010-02-13 07:50:30 \| 000,001,915 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-02-12 21:28:03 \| 000,067,866 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010-02-12 21:27:31 \| 000,129,045 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-02-12 21:26:10 \| 000,064,352 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-02-10 16:12:26 \| 000,001,613 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-02-10 16:11:19 \| 000,178,176 \| ---- \| C] () -- C:\WINDOWS\System32\unrar.dll [2010-02-10 16:11:19 \| 000,000,038 \| ---- \| C] () -- C:\WINDOWS\avisplitter.ini [2010-02-10 16:10:31 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010-02-10 16:10:22 \| 000,000,762 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk [2010-02-10 15:51:44 \| 000,000,414 \| ---- \| C] () -- C:\WINDOWS\System32\lame_acm.xml [2010-02-10 15:51:42 \| 000,881,664 \| ---- \| C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-10 15:51:42 \| 000,205,824 \| ---- \| C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-10 15:51:36 \| 000,000,547 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-02-10 15:51:34 \| 000,085,504 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-02-10 15:47:04 \| 000,001,602 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-02-10 14:36:44 \| 000,001,036 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-02-10 14:36:42 \| 000,001,032 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-02-10 14:31:42 \| 000,000,972 \| ---- \| C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-02-10 14:24:48 \| 000,001,729 \| ---- \| C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-02-10 14:14:50 \| 000,000,000 \| RHS- \| C] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite A110_04440-PL_PSAB0E-00G00.MRK [2010-02-10 14:14:49 \| 003,072,054 \| ---- \| C] () -- C:\WINDOWS\TOSHIBA SATELLITE.bmp [2010-02-10 14:13:28 \| 000,262,144 \| ---- \| C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2010-02-10 14:07:59 \| 000,008,192 \| ---- \| C] () -- C:\WINDOWS\REGLOCS.OLD [2006-06-08 10:58:25 \| 000,000,061 \| ---- \| C] () -- C:\WINDOWS\smscfg.ini [2006-06-08 10:10:06 \| 000,000,421 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2006-06-08 09:13:05 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\NDSTray.INI [2006-06-08 09:12:36 \| 000,204,800 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-06-08 09:12:36 \| 000,200,704 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-06-08 09:12:36 \| 000,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-06-08 09:12:36 \| 000,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-06-08 09:12:36 \| 000,188,416 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-06-08 09:12:36 \| 000,020,480 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-06-08 09:09:14 \| 000,036,736 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2006-06-08 09:09:14 \| 000,029,184 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2006-06-08 08:48:31 \| 000,032,768 \| ---- \| C] () -- C:\WINDOWS\System32\EBLib.DLL [2006-06-08 08:43:47 \| 000,128,113 \| ---- \| C] () -- C:\WINDOWS\System32\csellang.ini [2006-06-08 08:43:47 \| 000,045,056 \| ---- \| C] () -- C:\WINDOWS\System32\csellang.dll [2006-06-08 08:43:47 \| 000,010,147 \| ---- \| C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-06-08 08:43:47 \| 000,007,671 \| ---- \| C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-06-08 08:33:06 \| 000,356,352 \| ---- \| C] () -- C:\WINDOWS\EMCRI.dll [2006-06-08 08:27:32 \| 000,135,168 \| ---- \| C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-06-07 16:52:59 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-06-07 16:52:59 \| 000,000,083 \| ---- \| C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006-01-05 17:49:34 \| 000,036,864 \| ---- \| C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll [2006-01-05 16:36:22 \| 000,024,576 \| ---- \| C] () -- C:\WINDOWS\System32\EKECioCtl.dll [2006-01-04 09:59:52 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005-12-09 13:36:30 \| 000,028,672 \| ---- \| C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2005-11-23 12:55:42 \| 000,024,576 \| ---- \| C] () -- C:\WINDOWS\System32\SPCtl.dll < End of report >

@Blade@

Pomógł: 8 razy

Wysłany: 2010-03-09, 09:00

Dobra, więcej nic nie widać. W OTL kliknij CleanUp
_________________

Beny8884

Wysłany: 2010-04-17, 23:25 Jak rozwiązac bład 0x0eedfade?

Mam przglądarke Internet Explore i wchdze na strone nasza-klasa i wyskakuje błąd 0x0eedfade pod adresem 0x7c812aeb. Ściągałem program HiJackThis jaki wpis mam usunąć? A to jest scan: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 00:24:38, on 2010-04-18 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE D:\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe D:\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Nero\Nero8\InCD\NBHGui.exe C:\Program Files\Nero\Nero8\InCD\InCD.exe C:\Program Files\AutoConnect\AutoConnect.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\GamersFirst\LIVE!\Live.exe D:\Mozilla Firefox\firefox.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing) O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [RemoteControl] D:\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\User\USTAWI~1\Temp\herss.exe O4 - HKCU\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macrom...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2959EFF0-97B8-45F7-B0B2-EB1B109AFEC8}: NameServer = 213.241.79.37 87.204.204.204 O17 - HKLM\System\CS1\Services\Tcpip\..\{2959EFF0-97B8-45F7-B0B2-EB1B109AFEC8}: NameServer = 213.241.79.37 87.204.204.204 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Usługa bramy warstwy aplikacji (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 8044 bytes

ExeQtoR

Moderator

Pomógł: 36 razy
Skąd: K.P.

Wysłany: 2010-04-18, 09:29

a czy inna przeglądarka też tak reaguje lub podobnie? czy tylko Nasza Klasa, czy inne strony/portale też?

co do loga, to specem nie jestem xD ale:
1. zaktualizuj IE do najnowszej wersji czyli 8 bo masz 7

Cytat:

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

2. usuwasz wpisy:

Cytat:

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing)

O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\User\USTAWI~1\Temp\herss.exe

C:\DOCUME~1\User\USTAWI~1\Temp\herss.exe
pogrubiony plik idzie do usunięcia a wpis do za FIXowania, aby go zobaczyć to musisz włączyć "pokaż pliku ukryte i systemowe"

reszty bym nie ruszał, ale dla pewności podaj loga z OTL i przeskanuj kompa GAMER'em ;-)

_________________
Moderatora grzecznie się słuchamy,
nie spamujemy, nie bluzgamy...

@Blade@

Pomógł: 8 razy

Wysłany: 2010-04-18, 12:35

Infekcja z pendrive, ale HijackThis jej w całości nie widzi, więc tak jak napisał poprzednik podaj logi z: OTL i GMER (przed uruchomieniem użyj Defoggera) Odinstaluj Ask Toolbar
_________________

Beny8884
Gość

Wysłany: 2010-04-18, 12:41

Usunołem plik HERSS.exe i cin nie dało

@Blade@

Pomógł: 8 razy

Wysłany: 2010-04-18, 12:57

Podaj logi, o które prosiłem.
_________________

Beny8884

Wysłany: 2010-04-18, 13:53

robiłem scan z OTL wyszedł ze brakuje plik C:\Documentc and Settings\User\Pulpit\Extras.Txt i scan został przerwany i pusty. co robic mozesz napisac na gg 6877210 z gory dziekuje.

@Blade@

Pomógł: 8 razy

Wysłany: 2010-04-18, 19:25

W takim razie podaj logi z RSIT
_________________

Forum komputerowe PC Town Strona Główna » Kompiradło » Bezpieczeństwo w sieci » Analiza logów » Bardzo proszę o analizę loga z Hijackthis - help

Możesz pisać nowe tematy
Możesz odpowiadać w tematach
Nie możesz zmieniać swoich postów
Nie możesz usuwać swoich postów
Nie możesz głosować w ankietach
Nie możesz załączać plików na tym forum
Możesz ściągać załączniki na tym forum

Dodaj temat do Ulubionych
Wersja do druku

system walidacji dla gości opracował Petermechanic Forum komputerowe

Strona wygenerowana w 0,48 sekundy. Zapytań do SQL: 10