Please check my log
vacand

Posted: 2010-08-17, 12:52   Please check my log

Hello.
Please check my log. Videos stutter terribly for me on every site.
I have the impression that something is putting a heavy load on my system while I watch video.


Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:56, on 17-08-2010
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Killer\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 4227 bytes
 
   
@Blade@ 

Helped: 8 times
Posted: 2010-08-17, 15:08

Post the logs from OTL and GMER, because HijackThis is outdated.
 
   
vacand

Posted: 2010-08-17, 16:16

OTL.Txt
Code:

OTL logfile created on: 17-08-2010 16:36:58 - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Documents and Settings\Killer\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy
 
631,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 21,78 Gb Total Space | 6,73 Gb Free Space | 30,91% Space Free | Partition Type: FAT32
Drive D: | 23,43 Gb Total Space | 6,18 Gb Free Space | 26,38% Space Free | Partition Type: FAT32
Drive E: | 29,28 Gb Total Space | 24,73 Gb Free Space | 84,48% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: 2000-F769ACE1DA
Current User Name: Killer
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010-08-17 16:24:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Killer\Pulpit\OTL.exe
PRC - [2010-08-02 16:43:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe
PRC - [2010-07-31 02:18:12 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:16 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009-10-28 14:44:08 | 011,539,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-10-28 13:43:06 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2007-10-10 06:29:14 | 001,250,816 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2007-06-13 14:23:50 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-08-17 16:24:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Killer\Pulpit\OTL.exe
MOD - [2006-08-25 16:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-06-28 22:57:16 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:16 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:16 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Killer\Pulpit\SEMCtool V8.7.7\ntportio.sys -- (ntportio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - [2010-08-12 17:03:20 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:14 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:46 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:34 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-04-13 15:34:48 | 000,004,589 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\U3SHLPDR.SYS -- (U3SHLPDR)
DRV - [2010-04-13 15:34:38 | 000,004,518 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\U3SHLPDR200.SYS -- (U3SHLPDR200)
DRV - [2010-04-12 17:54:36 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010-03-13 12:22:10 | 000,027,648 | ---- | M] (NIST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\memwdm.sys -- (MemWdm)
DRV - [2010-03-13 12:22:10 | 000,015,360 | ---- | M] (NIST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vpscr.sys -- (MMVSC)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-07-16 17:13:14 | 000,033,920 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-05-28 10:52:16 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-04-06 08:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-04-06 08:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009-03-20 08:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 08:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 08:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009-02-17 10:19:44 | 000,057,672 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009-02-17 10:17:40 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008-12-18 10:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-18 11:13:02 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dk2drv.sys -- (dk2drv)
DRV - [2008-02-22 13:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008-02-22 13:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008-02-22 13:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2008-01-23 17:34:48 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parldr2k.sys -- (PARLDR2K)
DRV - [2008-01-23 17:34:16 | 000,034,080 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsvcom.sys -- (FLSVCOM)
DRV - [2008-01-23 17:34:16 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsiface.sys -- (FLSIFACE)
DRV - [2008-01-21 16:17:30 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2007-11-08 10:29:52 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007-11-02 15:22:38 | 000,105,896 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV - [2007-11-02 15:22:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217mgmt.sys -- (s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM)
DRV - [2007-11-02 15:22:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217obex.sys -- (s217obex)
DRV - [2007-11-02 15:22:38 | 000,024,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV - [2007-11-02 15:22:36 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217mdm.sys -- (s217mdm)
DRV - [2007-11-02 15:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV - [2007-11-02 15:22:36 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s217mdfl.sys -- (s217mdfl)
DRV - [2007-11-02 12:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm)
DRV - [2007-11-02 12:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM)
DRV - [2007-11-02 12:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex)
DRV - [2007-11-02 12:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007-11-02 12:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl)
DRV - [2007-06-18 15:19:50 | 000,017,920 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2007-06-18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007-05-02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsa.sys -- (nmwcdsa)
DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys -- (nmwcdsacm)
DRV - [2007-05-02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys -- (nmwcdsacj)
DRV - [2007-05-02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdsac.sys -- (nmwcdsac)
DRV - [2007-05-02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-05-02 09:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2007-05-02 09:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2007-05-02 09:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2007-04-27 09:20:44 | 000,275,968 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2007-04-24 10:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-24 10:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007-04-24 10:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007-04-24 10:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007-04-24 10:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007-04-03 12:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007-04-03 12:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007-04-03 12:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007-04-03 12:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116  USB WMC Device Management Drivers (WDM)
DRV - [2007-04-03 12:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007-04-03 12:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007-04-03 12:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007-01-22 19:33:00 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2006-07-17 09:53:20 | 000,030,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb2vcom.sys -- (usb2vcom)
DRV - [2006-05-18 09:48:50 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ufs2xx.sys -- (UFS2XX)
DRV - [2006-04-14 06:55:22 | 000,017,280 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus)
DRV - [2006-04-10 12:09:04 | 000,044,416 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial)
DRV - [2005-09-07 21:11:54 | 000,031,452 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtbox.sys -- (MtbUsb)
DRV - [2005-07-25 10:04:08 | 000,048,640 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2005-03-22 03:03:04 | 000,032,910 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120)
DRV - [2005-03-01 11:43:20 | 000,013,312 | ---- | M] (axalto) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\egate.sys -- (Egatecard)
DRV - [2005-03-01 11:43:20 | 000,011,264 | ---- | M] (axalto) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\egatebus.sys -- (Egatebus)
DRV - [2005-03-01 11:43:20 | 000,010,752 | ---- | M] (axalto) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\egaterdr.sys -- (Egaterdr)
DRV - [2005-01-28 11:25:02 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsser.sys -- (FLSSER)
DRV - [2005-01-28 11:12:24 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flspar.sys -- (FLSPAR)
DRV - [2004-12-15 14:22:36 | 000,051,798 | ---- | M] (Data Encryption Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FLSUSB.SYS -- (FLSUSB) NMP FLS USB Driver (flsusb.sys)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-07-27 14:37:28 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fle5wnnt.sys -- (FLE5WNNT)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-10-29 11:56:04 | 000,012,800 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smccard.sys -- (R5BaseSmc)
DRV - [2003-10-29 11:56:02 | 000,021,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eps2kt1.sys -- (token)
DRV - [2003-10-28 21:57:58 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2001-10-10 09:44:02 | 000,018,487 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vch.sys -- ({A7E39B01-B403-11d4-BD18-00D0B7A1821E})
DRV - [2001-09-03 02:13:42 | 000,806,342 | R--- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2001-08-17 20:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Usługa instalacyjna sterownika audio Intel(r) 82801 (WDM)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL File not found
IE - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
O1 HOSTS File: ([2010-08-02 14:10:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Killer\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1214440339-484763869-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.10.1 10.0.2.254 10.1.2.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003-10-28 14:02:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-08-17 16:24:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Killer\Pulpit\OTL.exe
[2010-08-16 17:57:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Killer\Recent
[2010-08-16 14:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-08-16 12:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010-08-16 12:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010-08-16 10:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu
[2010-08-14 10:17:52 | 000,000,000 | -HSD | C] -- C:\FOUND.003
[2010-08-13 10:52:43 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010-08-13 10:52:43 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010-08-13 10:52:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010-08-13 10:52:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010-08-13 10:52:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010-08-13 10:52:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010-08-13 10:52:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010-08-13 10:52:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010-08-13 10:52:19 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010-08-13 10:52:19 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010-08-13 10:52:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010-08-13 10:52:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010-08-13 10:35:50 | 000,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe
[2010-08-13 10:35:49 | 000,458,752 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\drivers\PAC7302.SYS
[2010-08-13 10:35:49 | 000,006,656 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\CoInst_071029.dll
[2010-08-13 10:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\ANC
[2010-08-13 10:35:45 | 000,129,024 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\SP7302.AX
[2010-08-13 10:35:45 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\P7302USD.dll
[2010-08-13 10:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\PixArt
[2010-08-13 10:35:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC7302
[2010-08-06 17:45:25 | 000,593,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010-08-06 15:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Killer\Pulpit\Foto iPhone
[2010-08-05 10:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-08-02 17:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010-08-02 17:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-08-02 16:49:21 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010-08-02 16:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010-08-02 16:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Killer\SystemRequirementsLab
[2010-08-02 16:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-08-02 16:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-08-02 16:43:43 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-08-02 16:43:43 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-08-02 16:43:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-08-02 16:43:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-08-02 16:43:43 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-08-02 16:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-08-02 16:13:42 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010-08-02 16:12:17 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-08-02 16:12:16 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-08-02 16:12:16 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-08-02 16:12:15 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-08-02 16:12:13 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-08-02 16:12:13 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-08-02 16:12:13 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-08-02 16:11:58 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-08-02 16:11:57 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-08-02 16:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-02 16:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-08-02 14:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Killer\DoctorWeb
[2010-08-02 14:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-08-02 13:02:07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-08-02 12:35:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-08-02 12:35:22 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-08-02 12:35:22 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-08-02 12:35:22 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-08-02 12:35:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-08-02 12:34:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[32 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-08-17 16:25:24 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Killer\Pulpit\gmer.zip
[2010-08-17 16:24:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Killer\Pulpit\OTL.exe
[2010-08-17 13:49:54 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Killer\Pulpit\HiJackThis.lnk
[2010-08-17 11:51:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-484763869-1060284298-1004Core.job
[2010-08-17 10:28:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-17 10:28:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-16 17:57:40 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Killer\NTUSER.DAT
[2010-08-16 17:57:40 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Killer\ntuser.ini
[2010-08-16 16:38:48 | 000,017,655 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-08-16 16:02:44 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Fakturka.ini
[2010-08-16 14:19:16 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Killer\Pulpit\HiJackThis.msi
[2010-08-16 14:08:10 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-08-16 14:08:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-08-16 13:53:42 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-16 13:49:24 | 005,855,206 | -H-- | M] () -- C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-16 12:52:30 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-08-12 17:03:20 | 000,042,112 | ---- | M] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys
[2010-08-11 15:46:54 | 000,002,215 | ---- | M] () -- C:\Documents and Settings\Killer\Pulpit\Google Chrome.lnk
[2010-08-05 13:21:36 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NsPro.lnk
[2010-08-02 17:43:00 | 000,138,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-02 17:33:08 | 001,137,904 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-02 17:33:08 | 000,524,028 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-02 17:33:08 | 000,463,070 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-02 17:33:08 | 000,100,456 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-02 17:33:08 | 000,079,772 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-02 17:29:10 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-02 16:43:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-08-02 16:43:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-08-02 16:43:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-08-02 16:43:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-08-02 16:43:28 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-08-02 16:12:16 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-08-02 14:09:46 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[32 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-08-17 16:25:22 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Killer\Pulpit\gmer.zip
[2010-08-16 14:21:32 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Killer\Pulpit\HiJackThis.lnk
[2010-08-16 14:19:13 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Killer\Pulpit\HiJackThis.msi
[2010-08-16 12:52:29 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-08-13 10:35:50 | 000,000,323 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010-08-13 10:35:45 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI
[2010-08-05 13:21:34 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NsPro.lnk
[2010-08-02 14:09:44 | 000,002,422 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010-08-02 13:02:11 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-08-02 13:02:08 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-08-02 12:35:23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-02 12:35:22 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-02 12:35:22 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-08-02 12:35:22 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-08-02 12:35:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-08-02 11:50:44 | 000,002,215 | ---- | C] () -- C:\Documents and Settings\Killer\Pulpit\Google Chrome.lnk
[2010-08-02 11:46:26 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-484763869-1060284298-1004Core.job
[2010-04-13 15:34:46 | 000,004,589 | ---- | C] () -- C:\WINDOWS\System32\drivers\U3SHLPDR.SYS
[2010-04-13 15:34:37 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\drivers\U3SHLPDR200.SYS
[2009-07-16 17:13:13 | 000,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-05-28 11:09:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2009-05-28 10:41:04 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-04-16 14:28:10 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-04-15 16:02:50 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Killer\Dane aplikacji\PnkBstrK.sys
[2009-03-06 12:54:53 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009-03-06 12:54:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009-03-06 12:54:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009-03-06 12:54:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-03-06 12:54:21 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009-03-06 12:54:19 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-06 12:54:12 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-02-02 16:30:38 | 000,000,178 | ---- | C] () -- C:\WINDOWS\ef12.ini
[2008-07-25 15:29:25 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2008-07-18 10:53:37 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Fakturka.ini
[2008-06-18 11:12:59 | 002,325,304 | ---- | C] () -- C:\WINDOWS\System32\DK2INST.DLL
[2008-03-13 15:27:00 | 000,000,089 | ---- | C] () -- C:\WINDOWS\flash.ini
[2008-02-18 12:45:17 | 000,000,019 | ---- | C] () -- C:\WINDOWS\SoundConverter.INI
[2008-02-15 16:25:41 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-01-23 17:34:15 | 000,000,088 | ---- | C] () -- C:\WINDOWS\FLS1.INI
[2008-01-23 17:12:13 | 001,851,392 | ---- | C] () -- C:\WINDOWS\System32\flsinst.dll
[2008-01-23 17:12:13 | 000,004,263 | ---- | C] () -- C:\WINDOWS\System32\flsinst.ini
[2006-06-01 11:52:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\RssN.dll
[2005-05-12 19:10:02 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\epxusb.dll
[2005-03-01 11:43:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\slbmgpg.dll
[2005-01-05 17:29:46 | 000,030,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2004-07-20 14:04:34 | 000,000,096 | ---- | C] () -- C:\WINDOWS\System32\fcun2k.ini
[2004-05-24 18:22:28 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\dsmartcsp.dll
[2004-05-01 21:11:38 | 000,054,272 | -HS- | C] () -- C:\WINDOWS\old_mod_lib.dll
[2003-12-13 17:10:06 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003-11-21 15:16:18 | 000,041,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\Oreans.sys
[2003-11-21 15:14:05 | 000,000,651 | ---- | C] () -- C:\WINDOWS\ToolBox5NewMMI.INI
[2003-11-21 15:08:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\svkp2.dll
[2003-11-21 15:08:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\ispn2.dll
[2003-10-29 14:07:45 | 000,000,086 | ---- | C] () -- C:\WINDOWS\System32\ufs2xxun.ini
[2003-10-29 11:56:02 | 000,021,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\eps2kt1.sys
[2003-10-29 11:56:02 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\R5CoInst.dll
[2003-10-29 11:30:59 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2003-10-28 21:10:50 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2003-10-28 21:10:49 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2003-10-28 14:36:24 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Killer\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2003-10-28 14:06:23 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003-10-17 23:42:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\tn30CSTK.dll
[2003-07-08 17:00:00 | 000,065,536 | -HS- | C] () -- C:\WINDOWS\Dic32.dll
[2002-03-21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002-01-14 14:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll
[2002-01-09 19:52:04 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\YS6016Pdll.dll
[2001-03-30 20:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008-08-06 14:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2008-08-06 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-09-09 11:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2009-04-10 13:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2009-05-14 16:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-10-23 12:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-02-23 14:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-02-25 10:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-27 12:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010-05-13 15:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-08-02 16:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2003-10-28 21:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Gadu-Gadu
[2008-07-10 15:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\PC Suite
[2008-07-10 15:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Nokia
[2008-07-10 15:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\DataLayer
[2009-01-28 16:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\ICAClient
[2009-02-02 18:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Programer
[2009-02-12 12:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Nowe Gadu-Gadu
[2009-04-15 16:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\id Software
[2009-05-07 11:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\OpenFM
[2009-05-28 11:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Samsung
[2009-08-18 13:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\ACD Systems
[2009-10-23 12:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\ipla
[2009-12-11 16:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Gadu-Gadu 10
[2010-04-07 11:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\GetRightToGo
[2010-05-21 12:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Killer\Dane aplikacji\Pixmantec
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
< End of report >


[ Added: 2010-08-17, 17:22 ]
Probably a lame question, but how am I supposed to post the rest of the logs when I get a message saying my post is too long, and .txt files can't be added as attachments?
 
   
@Blade@ 

Helped: 8 times
Posted: 2010-08-17, 16:39

Quote:
Probably a lame question, but how am I supposed to post the rest of the logs when I get a message saying my post is too long, and .txt files can't be added as attachments?

Upload them to http://wklej.eu/ and give only the link in your post.

Nothing malicious is visible in this log, so I'm waiting for the rest.
_________________
 
   
vacand
Guest
Posted: 2010-08-18, 10:06

Extras.Txt http://wklej.eu/index.php?id=d12ce3e9d5,
Gmer.Txt http://wklej.eu/index.php?id=fb45266f36,
 
   
vacand

Posted: 2010-08-18, 10:38

Avast also detected this for me today:
http://a.imageshack.us/img37/7087/avastz.jpg,
 
   
@Blade@ 

Helped: 8 times
Posted: 2010-08-18, 15:05

So we do still have Conficker here after all.

With your removable drives connected, run UsbFix with the Deletion option and post the log it creates.

Then run ComboFix and post its log.
_________________
 
   
vacand

Posted: 2010-08-18, 15:47

UsbFix
Code:


############################## | UsbFix 7.020 | [Deletion]

User: Killer (Administrator) # 2000-F769ACE1DA [ ]
Updated 12/08/10 by El Desaparecido / C_XX
Started at 16:37:01 | 18/08/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Celeron(TM) CPU 1133MHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 631 Mb
C:\ (%systemdrive%) -> Fixed drive # 22 Gb (6 Mb free - 29%) [] # FAT32
D:\ -> Fixed drive # 23 Gb (6 Mb free - 26%) [] # FAT32
E:\ -> Fixed drive # 29 Gb (25 Mb free - 84%) [] # FAT32
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (2 Mb free - 54%) [] # FAT32

################## | Files # Infected Folders |

Deleted ! E:\1j038ki.exe
Deleted ! E:\eyruu.exe
Deleted ! E:\i8gcgmg.exe
Deleted ! E:\mk28sp.exe
Deleted ! E:\p9rs.exe
Deleted ! E:\r3x0k.exe
Deleted ! E:\rxf.exe
Deleted ! E:\wa.exe

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[18/08/2010 - 10:44:50 | ASH | 993140736]     C:\pagefile.sys
[28/10/2003 - 12:35:38 | D ]     C:\WINDOWS
[14/08/2010 - 10:17:52 | SHD ]     C:\FOUND.003
[04/08/2004 - 12:00:00 | RASH | 4952]     C:\Bootfont.bin
[04/08/2004 - 12:00:00 | RASH | 250624]     C:\ntldr
[04/08/2004 - 12:00:00 | RASH | 47564]     C:\NTDETECT.COM
[16/08/2010 - 14:08:10 | RASH | 281]     C:\boot.ini
[28/10/2003 - 12:44:40 | D ]     C:\Documents and Settings
[28/10/2003 - 14:00:32 | D ]     C:\Program Files
[28/10/2003 - 14:02:06 | A | 0]     C:\CONFIG.SYS
[28/10/2003 - 14:02:06 | A | 0]     C:\AUTOEXEC.BAT
[28/10/2003 - 14:02:06 | RASH | 0]     C:\IO.SYS
[28/10/2003 - 14:02:06 | RASH | 0]     C:\MSDOS.SYS
[02/08/2010 - 14:13:30 | A | 15094]     C:\ComboFix.txt
[19/04/2010 - 11:56:34 | D ]     C:\FOUND.000
[11/08/2009 - 10:44:58 | D ]     C:\Config.Msi
[26/02/2009 - 16:58:10 | D ]     C:\TGSoft
[25/05/2010 - 15:59:14 | D ]     C:\mobileEx
[02/08/2010 - 16:13:44 | SHD ]     C:\Recycled
[27/05/2010 - 11:50:42 | A | 380]     C:\DownloadHistory.txt
[18/08/2010 - 16:36:42 | D ]     C:\UsbFix
[18/08/2010 - 16:37:02 | A | 1096]     C:\UsbFix.txt
[17/06/2010 - 16:30:10 | A | 0]     C:\SENTINEL.LOG
[28/10/2003 - 14:06:26 | D ]     C:\AddOn
[02/08/2010 - 13:02:08 | RASHD ]     C:\cmdcons
[03/08/2004 - 23:00:14 | A | 262400]     C:\cmldr
[28/10/2003 - 14:33:08 | SHD ]     C:\System Volume Information
[13/05/2010 - 12:06:06 | D ]     C:\FOUND.001
[25/05/2010 - 15:47:54 | D ]     C:\FOUND.002
[02/08/2010 - 13:08:38 | AD ]     C:\Qoobox
[28/10/2003 - 13:51:16 | A | 211]     C:\Boot.bak
[16/11/2003 - 14:32:40 | D ]     C:\WinTesla
[23/11/2003 - 11:54:30 | D ]     C:\tmp
[19/12/2009 - 11:32:36 | D ]     D:\FOUND.000
[21/11/2008 - 12:43:32 | D ]     D:\Program Files
[31/03/2010 - 22:15:34 | A | 336301679]     D:\RM-244_EMEA_410.34.001_v5.0_E51.exe
[07/07/2008 - 13:11:40 | D ]     D:\100MSDCF
[03/02/2009 - 11:42:56 | D ]     D:\fakturka
[07/07/2008 - 13:11:46 | D ]     D:\TomTom 6
[02/11/2003 - 17:34:06 | A | 20433]     D:\ANTIWPA.rar
[07/07/2010 - 16:24:16 | D ]     D:\KD
[07/07/2010 - 16:24:54 | D ]     D:\Scenes
[28/10/2003 - 14:34:48 | SHD ]     D:\System Volume Information
[07/07/2008 - 13:19:10 | A | 82229995]     D:\RH-70_dp_v_28_00_MCUSW6_40.rar
[28/10/2003 - 14:43:52 | SHD ]     D:\Recycled
[15/07/2010 - 13:47:20 | A | 392204916]     D:\krzychu.zip
[07/07/2008 - 16:42:44 | D ]     D:\pobrania
[10/02/2010 - 13:50:34 | D ]     D:\AM
[15/07/2010 - 13:14:46 | D ]     D:\krzychu
[19/12/2009 - 11:33:04 | D ]     E:\FOUND.000
[26/02/2009 - 17:15:52 | D ]     E:\fakturka
[12/08/2003 - 18:33:06 | SHD ]     E:\System Volume Information
[12/08/2003 - 20:20:40 | SHD ]     E:\Recycled
[26/08/2003 - 15:25:30 | D ]     E:\stary e
[25/07/2010 - 15:43:14 | A | 305122343]     G:\iPhone2,1_3.1.3_7E18_Restore.ipsw
[25/07/2010 - 18:52:46 | A | 396281280]     G:\iPhone2,1_4.0_8A293_Restore.ipsw
[25/07/2010 - 17:13:30 | A | 77690152]     G:\iTunesSetup2stary.exe
[25/07/2010 - 22:59:48 | A | 93107496]     G:\iTunesSetup9.exe
[25/07/2010 - 13:52:14 | A | 96962344]     G:\iTunesSetup.exe
[30/07/2010 - 23:47:00 | A | 2654504]     G:\sp27732.exe
[31/07/2010 - 01:40:34 | A | 2901576]     G:\sp28533.exe
[31/07/2010 - 14:24:02 | D ]     G:\Instalki
[31/07/2010 - 03:11:24 | A | 5604752]     G:\sp29294.exe
[20/02/2010 - 20:19:50 | A | 47667289]     G:\nero7lite_full_key.rar
[31/07/2010 - 18:13:32 | A | 68049156]     G:\sp42209.exe
[31/07/2010 - 18:09:22 | A | 322713128]     G:\windowsxp-kb936929-sp3-x86-plk_7cbe718131e9c71b322f1149e86bedba351ba11c.exe
[31/07/2010 - 20:20:38 | A | 272993000]     G:\WindowsXP-KB835935-SP2-PLK.exe
[31/07/2010 - 18:57:32 | A | 1589448]     G:\sp23859.exe
[31/07/2010 - 18:38:48 | A | 13824]     G:\RemoveWGA.exe

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_2000-F769ACE1DA.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |


[ Added: 2010-08-18, 17:11 ]
ComboFix
Code:


ComboFix 10-08-17.03 - Killer 18-08-2010  16:58:18.2.1 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.2.1250.48.1045.18.631.286 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Killer\Moje dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
 * Utworzono nowy punkt przywracania
.

(((((((((((((((((((((((((   Pliki utworzone od 2010-07-18 do 2010-08-18  )))))))))))))))))))))))))))))))
.

2010-08-18 14:41 . 2010-08-18 14:41    842711    ----a-w-    C:\UsbFix_Upload_Me_2000-F769ACE1DA.zip
2010-08-18 14:36 . 2010-08-18 14:36    --------    d-----w-    C:\UsbFix
2010-08-18 08:46 . 2010-08-18 08:46    --------    d-----w-    c:\windows\LastGood
2010-08-18 08:46 . 2010-08-18 08:46    --------    d-----w-    c:\program files\Feitian
2010-08-16 12:21 . 2010-08-16 12:21    388096    ----a-r-    c:\documents and settings\Killer\Dane aplikacji\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-16 12:21 . 2010-08-16 12:21    --------    d-----w-    c:\program files\Trend Micro
2010-08-16 10:53 . 2010-08-16 10:53    --------    d-----w-    c:\program files\QuickTime
2010-08-16 10:52 . 2010-08-16 10:52    --------    d-----w-    c:\program files\Apple Software Update
2010-08-16 08:56 . 2010-08-16 08:56    --------    d-----w-    c:\program files\Nowe Gadu-Gadu
2010-08-14 08:17 . 2010-08-14 08:17    --------    d-----w-    C:\FOUND.003
2010-08-13 08:52 . 2004-08-03 21:07    59264    ----a-w-    c:\windows\system32\drivers\USBAUDIO.sys
2010-08-13 08:52 . 2004-08-03 21:07    59264    ----a-w-    c:\windows\system32\dllcache\usbaudio.sys
2010-08-13 08:52 . 2004-08-03 22:44    54784    ----a-w-    c:\windows\system32\vfwwdm32.dll
2010-08-13 08:52 . 2004-08-03 22:44    54784    ----a-w-    c:\windows\system32\dllcache\vfwwdm32.dll
2010-08-13 08:35 . 2007-10-04 15:42    48128    ----a-w-    c:\windows\system32\Remove.exe
2010-08-13 08:35 . 2007-11-08 08:29    458752    ----a-w-    c:\windows\system32\drivers\PAC7302.SYS
2010-08-13 08:35 . 2007-11-02 09:07    6656    ----a-w-    c:\windows\system32\CoInst_071029.dll
2010-08-13 08:35 . 2010-08-13 08:35    --------    d-----w-    c:\program files\ANC
2010-08-13 08:35 . 2006-10-12 09:57    14336    ----a-w-    c:\windows\system32\P7302USD.dll
2010-08-13 08:35 . 2010-08-13 08:35    --------    d-----w-    c:\windows\PixArt
2010-08-13 08:35 . 2010-08-13 08:35    --------    d-----w-    c:\program files\Common Files\PAC7302
2010-08-09 10:29 . 2010-08-09 10:29    503808    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-44509afc-n\msvcp71.dll
2010-08-09 10:29 . 2010-08-09 10:29    499712    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-44509afc-n\jmc.dll
2010-08-09 10:29 . 2010-08-09 10:29    348160    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-44509afc-n\msvcr71.dll
2010-08-09 10:29 . 2010-08-09 10:29    12800    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5d5fe1d6-n\decora-d3d.dll
2010-08-09 10:29 . 2010-08-09 10:29    61440    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5d5fe1d6-n\decora-sse.dll
2010-08-06 15:45 . 2001-10-09 22:13    593920    ----a-w-    c:\windows\system32\igfxres.dll
2010-08-05 08:45 . 2010-08-05 08:45    --------    d-----w-    c:\program files\Bonjour
2010-08-02 15:28 . 2010-08-02 15:28    --------    d-----w-    c:\program files\MSXML 6.0
2010-08-02 15:04 . 2010-08-02 15:04    --------    d-----w-    c:\program files\MSXML 4.0
2010-08-02 14:49 . 2010-02-12 10:03    293376    ------w-    c:\windows\system32\browserchoice.exe
2010-08-02 14:44 . 2010-08-02 14:44    --------    d-----w-    c:\program files\SystemRequirementsLab
2010-08-02 14:44 . 2010-08-02 14:44    --------    d-----w-    c:\documents and settings\Killer\SystemRequirementsLab
2010-08-02 14:44 . 2010-08-02 14:44    503808    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4cd8871d-n\msvcp71.dll
2010-08-02 14:44 . 2010-08-02 14:44    499712    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4cd8871d-n\jmc.dll
2010-08-02 14:44 . 2010-08-02 14:44    348160    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4cd8871d-n\msvcr71.dll
2010-08-02 14:44 . 2010-08-02 14:44    61440    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7584e976-n\decora-sse.dll
2010-08-02 14:44 . 2010-08-02 14:44    12800    ----a-w-    c:\documents and settings\Killer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7584e976-n\decora-d3d.dll
2010-08-02 14:44 . 2010-08-02 14:44    --------    d-----w-    c:\program files\Common Files\Java
2010-08-02 14:43 . 2010-08-02 14:43    423656    ----a-w-    c:\windows\system32\deployJava1.dll
2010-08-02 14:43 . 2010-08-02 14:43    --------    d-----w-    c:\program files\Java
2010-08-02 14:12 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-08-02 14:12 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-08-02 14:12 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-08-02 14:12 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-08-02 14:12 . 2010-06-28 20:32    100176    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2010-08-02 14:12 . 2010-06-28 20:32    94544    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2010-08-02 14:12 . 2010-06-28 20:32    28880    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2010-08-02 14:11 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-08-02 14:11 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-08-02 14:11 . 2010-08-02 14:11    --------    d-----w-    c:\program files\Alwil Software
2010-08-02 14:11 . 2010-08-02 14:11    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\Alwil Software
2010-08-02 12:17 . 2010-08-02 12:17    --------    d-----w-    c:\documents and settings\Killer\DoctorWeb
2010-07-21 23:23 . 2010-07-21 23:23    397312    ----a-w-    c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.3.dll

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 08:46 . 2003-10-29 09:56    4608    ----a-w-    c:\windows\system32\R5CoInst.dll
2010-08-18 08:46 . 2003-10-29 09:56    21888    ----a-w-    c:\windows\system32\drivers\eps2kt1.sys
2010-08-18 08:46 . 2003-10-29 09:56    12800    ----a-w-    c:\windows\system32\drivers\smccard.sys
2010-08-12 15:03 . 2010-02-15 14:05    42112    ----a-w-    c:\windows\system32\drivers\motodrv.sys
2010-08-02 15:33 . 2004-08-04 10:00    524028    ----a-w-    c:\windows\system32\perfh015.dat
2010-08-02 15:33 . 2004-08-04 10:00    100456    ----a-w-    c:\windows\system32\perfc015.dat
2010-06-16 10:00 . 2010-06-16 09:59    3351812    ----a-w-    c:\documents and settings\All Users\Dane aplikacji\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-16 09:59 . 2010-06-16 09:59    36864    ----a-w-    c:\documents and settings\All Users\Dane aplikacji\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-16 09:59 . 2010-06-16 09:59    3203453    ----a-w-    c:\documents and settings\All Users\Dane aplikacji\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-16 09:59 . 2010-06-16 10:00    35798496    ----a-w-    c:\documents and settings\All Users\Dane aplikacji\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_2.5.2PL.exe
2010-06-14 14:30 . 2003-10-28 11:58    743936    ----a-w-    c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2003-07-08 15:00 . 2003-07-08 15:00    65536    --sh--w-    c:\windows\Dic32.dll
2004-05-01 19:11 . 2004-05-01 19:11    54272    --sh--w-    c:\windows\old_mod_lib.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^TSS Instrument API Tray Utility.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\TSS Instrument API Tray Utility.lnk
backup=c:\windows\pss\TSS Instrument API Tray Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16    39792    ----a-w-    d:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
2008-11-24 18:44    869888    ----a-w-    c:\program files\ALLPlayer\ALLUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:44    110592    ------w-    c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLSDeviceControlPanel]
2008-01-23 15:34    91696    ----a-w-    c:\windows\system32\FLSDEVCP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-02 09:46    136176    ----a-w-    c:\documents and settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2001-10-09 22:04    98304    ------w-    c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2001-10-09 22:12    151552    ----a-w-    c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTSMMSG]
2001-09-03 00:13    45056    ----a-r-    c:\windows\LTSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
2006-11-03 09:01    319488    ----a-w-    c:\windows\PixArt\PAC7302\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18    413696    ----a-w-    c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44    248552    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Nokia\\Phoenix\\phoenix.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Mozilla Firefox\\r1q2_multi_2\\r1q2.exe"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2103:TCP"= 2103:TCP:uvwvypg

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [02-08-2010 16:12 165456]
R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [18-06-2008 11:13 49720]
R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [07-07-2010 16:24 25680]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [16-07-2009 17:13 33920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [02-08-2010 16:12 17744]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [23-01-2008 17:12 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [23-01-2008 17:12 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [23-01-2008 17:12 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [23-01-2008 17:12 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [23-01-2008 17:12 34080]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [23-01-2008 17:34 10454]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [28-10-2003 21:57 2368]
R2 U3SHLPDR200;U3SHLPDR200;c:\windows\system32\drivers\U3SHLPDR200.SYS [13-04-2010 15:34 4518]
R3 {A7E39B01-B403-11d4-BD18-00D0B7A1821E};AIM 3.0 Part 01 Codec Driver VCH-A;c:\windows\system32\drivers\vch.sys [28-10-2003 21:10 18487]
R3 Egatebus;Egatebus;c:\windows\system32\drivers\egatebus.sys [01-03-2005 11:43 11264]
R3 Egaterdr;Egaterdr;c:\windows\system32\drivers\egaterdr.sys [01-03-2005 11:43 10752]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [28-10-2003 21:09 806342]
R3 MemWdm;MemWdm;c:\windows\system32\drivers\memwdm.sys [09-07-2009 15:08 27648]
R3 MMVSC;Virtual Smart Card Reader;c:\windows\system32\drivers\vpscr.sys [09-07-2009 15:08 15360]
R3 R5BaseSmc;USB Token Holder Service;c:\windows\system32\drivers\smccard.sys [29-10-2003 11:56 12800]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [12-04-2010 17:54 27632]
R3 UFS2XX;UFS2XX.SYS UFS2 device driver;c:\windows\system32\drivers\ufs2xx.sys [29-10-2003 14:07 47249]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18-12-2009 10:58 11336]
S3 Egatecard;Egatecard;c:\windows\system32\drivers\egate.sys [01-03-2005 11:43 13312]
S3 FLSUSB;NMP FLS USB Driver (flsusb.sys);c:\windows\system32\drivers\FLSUSB.SYS [23-01-2008 17:12 51798]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [06-04-2009 08:13 13224]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [15-02-2010 16:05 17920]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [15-02-2010 16:05 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [15-02-2010 16:05 42112]
S3 MtbUsb;Universal Flashing Interface;c:\windows\system32\drivers\mtbox.sys [09-01-2004 13:54 31452]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16-06-2010 12:03 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [16-06-2010 12:03 8320]
S3 nmwcdsa;Samsung USB Phone Parent;c:\windows\system32\drivers\nmwcdsa.sys [09-03-2010 16:03 135680]
S3 nmwcdsac;Samsung USB Generic;c:\windows\system32\drivers\nmwcdsac.sys [09-03-2010 16:03 8320]
S3 nmwcdsacj;Samsung USB Port;c:\windows\system32\drivers\nmwcdsacj.sys [09-03-2010 16:03 12288]
S3 nmwcdsacm;Samsung USB Modem;c:\windows\system32\drivers\nmwcdsacm.sys [09-03-2010 16:03 12288]
S3 ntportio;ntportio;\??\c:\documents and settings\Killer\Pulpit\SEMCtool V8.7.7\ntportio.sys --> c:\documents and settings\Killer\Pulpit\SEMCtool V8.7.7\ntportio.sys [?]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [17-04-2009 23:52 275968]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [02-11-2007 12:47 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [02-11-2007 12:47 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [02-11-2007 12:47 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [02-11-2007 12:47 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [02-11-2007 12:47 100008]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [03-03-2010 17:13 32910]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [26-09-2009 03:38 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [26-09-2009 03:38 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [26-09-2009 03:38 121856]
S3 token;USB Token Service;c:\windows\system32\drivers\eps2kt1.sys [29-10-2003 11:56 21888]
S3 usb2vcom;USB to Serial Bridge Controller;c:\windows\system32\drivers\usb2vcom.sys [05-01-2005 17:29 30368]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
tkycubc
.
Zawartość folderu 'Zaplanowane zadania'

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-484763869-1060284298-1004Core.job
- c:\documents and settings\Killer\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-08-02 09:46]

2010-08-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 17:06
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4FF9BFE7-EE69-AEC6-63F4-F8004D2D460E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"kalaemncdlmkngflbpkknf"=hex:62,61,6e,62,00,02

[HKEY_USERS\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D516EEF-8235-6157-BCA5-B961D82874AE}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"kabphggpjepflkgcpbbipf"=hex:62,61,70,68,00,00

[HKEY_USERS\S-1-5-21-1214440339-484763869-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BC89D4C3-3FB5-0F09-C641-E79188BE81EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"kanfpninhmpoapnpkihjmn"=hex:62,61,70,63,00,92

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(492)
c:\windows\system32\slbcsp.dll
.
Czas ukończenia: 2010-08-18  17:09:00
ComboFix-quarantined-files.txt  2010-08-18 15:08
ComboFix2.txt  2010-08-02 12:13

Przed: 6 651 527 168 bajtów wolnych
Po: 7 000 588 288 bajtów wolnych

- - End Of File - - FF7737C68F9E914F3E6913AFB89D9BD4
 
   
@Blade@ 

Helped: 8 times
Posted: 2010-08-18, 17:05   

Paste into Notepad:
Code:
Folder::
C:\FOUND.003
C:\FOUND.002
C:\FOUND.001
C:\FOUND.000

NetSvc::
tkycubc

Driver::
tkycubc

File::
c:\windows\Tasks\AppleSoftwareUpdate.job

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2103:TCP"=-

File -> Save as -> CFScript.txt
Drag and drop the CFScript.txt icon onto the ComboFix.exe icon.


Removal will start and a log will be created, which you then post on the forum.
_________________
 
   
vacand

Posted: 2010-08-19, 13:21   

http://wklej.eu/index.php?id=c599216c1a
 
   
@Blade@ 

Helped: 8 times
Posted: 2010-08-19, 14:53   

OK, removed.

In OTL, click Sprzątanie (CleanUp)

In UsbFix, click Uninstall

Clean the disk and the registry with CCleaner

Turn System Restore off and back on for all drives -> Instructions

Run a full scan with Malwarebytes' Anti-Malware - if it finds anything, remove it and post the report

Install SP3 -> http://www.instalki.pl/pr...ice_Pack_3.html

Update IE to the latest version (even if you don't use it) -> http://www.instalki.pl/pr...lorer_8_XP.html

Install this patch -> http://www.microsoft.com/...76-2067b73d6a03
_________________
 
   