Randki pl.Ozo.forum:)
Goetze czy Elring
Urzadzenie wielofunkcyjnie
nie pali przeklęty diesel
mysql
Brak ogrzewania...nagrzewnica?
Super MINI CROSS
Ważność startetu za 5 zeta.
Jak postawic bot'a
Autostrada A2 - czy bedzie spelniala normy UE wzgledem Ozo?
chomiki
Prosze o sprawdzenie logu z [cenzura] obawiam sie keyloggeraLogfile of HijackThis v1.99.1
Scan saved at 15:52:23, on 2010-03-15
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\gry\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marcin\Pulpit\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = £±cza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Marcin\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [menustart] c:\loader.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "d:\gry\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Wy¶lij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wy¶lij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFB2F32A-A6CB-4166-81A2-3074C3A3C16C}: NameServer = 194.204.159.1 194.204.152.34
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.2 - Unknown owner - C:\xampp\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\Documents and Settings\Marcin\Pulpit\xampp\service.exe
Jest syf, ale HijackThisem tu niewiele zdzia³amy, wiêc podaj inne logi, z: OTL i GMER (przed uruchomieniem u¿yj Defoggera)
Ten syf to keylogger?
Zaraz podam.
Mam nadzieje, ze starczy Ci log z otl, poniewaz gmer skanowal mi juz 2h jedna partycje,a lagowalo strasznie.
Jak chcuialem otworzyc jaks stronke czy cos takiego zobic nie opamietam t mi zrestarowalo kompa ;f
Log z otl:
OTL logfile created on: 2010-03-15 18:30:16 - Run 3
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Marcin\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,30 Gb Total Space | 4,77 Gb Free Space | 16,28% Space Free | Partition Type: NTFS
Drive D: | 214,84 Gb Total Space | 61,49 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 170,04 Gb Free Space | 76,73% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MEISSNER-62CCEE
Current User Name: Marcin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010-02-20 11:23:26 | 01,217,872 | ---- | M] (Valve Corporation) -- D:\gry\steam\steam.exe
PRC - [2010-02-20 11:22:54 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-30 19:10:08 | 02,935,480 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009-10-17 10:19:08 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcin\Pulpit\OTL.exe
PRC - [2009-09-12 12:35:23 | 01,172,992 | ---- | M] (Vitalwerks LLC) -- C:\Program Files\No-IP\DUC20.exe
PRC - [2009-08-31 17:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-08-31 15:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-08-05 20:02:22 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-06-11 21:04:34 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009-02-12 19:09:05 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2008-11-18 16:31:04 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2008-11-18 16:31:04 | 00,076,744 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008-06-03 10:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-04-14 18:21:38 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-02-13 20:07:30 | 04,653,056 | ---- | M] () -- C:\xampp\mysql\bin\mysqld-nt.exe
PRC - [2008-01-18 00:37:26 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe
PRC - [2006-12-03 00:14:03 | 00,310,784 | ---- | M] (http://autoconnect.prv.pl) -- C:\Program Files\AutoConnect\AutoConnect.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2005-06-20 23:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2004-08-23 12:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.EXE
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009-09-12 12:35:23 | 01,172,992 | ---- | M] (Vitalwerks LLC) -- C:\Program Files\No-IP\DUC20.exe -- (NoIPDUCService [Auto | Running])
SRV - [2009-08-05 20:02:22 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009-07-09 19:11:04 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009-06-11 21:04:34 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009-02-12 19:09:05 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-06-03 10:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008-06-02 20:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008-04-14 18:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-02-13 20:07:30 | 04,653,056 | ---- | M] () -- C:\xampp\mysql\bin\mysqld-nt.exe -- (mysql [Auto | Running])
SRV - [2008-01-18 00:37:26 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe -- (Apache2.2 [Auto | Running])
SRV - [2007-12-25 22:25:50 | 00,586,240 | ---- | M] (FileZilla Project) -- c:\xampp\FileZillaFTP\FileZillaServer.exe -- (FileZilla Server [On_Demand | Stopped])
SRV - [2007-12-21 03:01:02 | 00,060,928 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\xampp\service.exe -- (XAMPP [Auto | Stopped])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2005-11-14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005-06-20 23:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2004-08-23 12:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [1999-12-13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-12-07 16:23:47 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009-06-14 16:45:16 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Disabled | Stopped])
DRV - [2009-06-12 08:11:46 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV - [2009-06-11 21:04:34 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2009-03-30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2009-02-13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2008-12-20 11:20:49 | 00,022,368 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys -- (ggsemc [On_Demand | Stopped])
DRV - [2008-12-20 11:20:49 | 00,010,976 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys -- (ggflt [On_Demand | Stopped])
DRV - [2008-09-04 14:31:29 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2008-09-04 14:30:45 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2008-06-03 13:20:54 | 03,100,160 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2008-05-29 11:33:10 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped])
DRV - [2008-05-19 08:46:30 | 00,150,568 | R--- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV - [2008-04-13 19:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Stopped])
DRV - [2008-04-13 17:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-03-26 19:37:26 | 04,713,472 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008-02-02 16:54:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\l1e51x86.sys -- (L1e [On_Demand | Running])
DRV - [2007-12-17 10:14:06 | 00,012,400 | R--- | M] () -- C:\WINDOWS\System32\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2007-11-14 20:48:20 | 00,084,992 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV - [2007-10-29 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-11-30 14:11:28 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46unic.sys -- (se46unic [On_Demand | Stopped])
DRV - [2006-11-30 14:11:22 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46obex.sys -- (se46obex [On_Demand | Stopped])
DRV - [2006-11-30 14:11:18 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46nd5.sys -- (se46nd5 [On_Demand | Stopped])
DRV - [2006-11-30 14:11:16 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46mgmt.sys -- (se46mgmt [On_Demand | Stopped])
DRV - [2006-11-30 14:11:12 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46mdm.sys -- (se46mdm [On_Demand | Stopped])
DRV - [2006-11-30 14:11:10 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46mdfl.sys -- (se46mdfl [On_Demand | Stopped])
DRV - [2006-11-30 14:11:04 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se46bus.sys -- (se46bus [On_Demand | Stopped])
DRV - [2006-11-10 17:24:06 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se2Eunic.sys -- (se2Eunic [On_Demand | Stopped])
DRV - [2006-11-10 17:23:58 | 00,086,560 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Eobex.sys -- (SE2Eobex [On_Demand | Stopped])
DRV - [2006-11-10 17:23:56 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se2End5.sys -- (se2End5 [On_Demand | Stopped])
DRV - [2006-11-10 17:23:54 | 00,088,688 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Emgmt.sys -- (SE2Emgmt [On_Demand | Stopped])
DRV - [2006-11-10 17:23:50 | 00,097,184 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Emdm.sys -- (SE2Emdm [On_Demand | Stopped])
DRV - [2006-11-10 17:23:48 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Emdfl.sys -- (SE2Emdfl [On_Demand | Stopped])
DRV - [2006-11-10 17:23:42 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Ebus.sys -- (SE2Ebus [On_Demand | Stopped])
DRV - [2006-09-18 13:59:08 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])
DRV - [2006-09-18 13:59:02 | 00,086,560 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])
DRV - [2006-09-18 13:59:00 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])
DRV - [2006-09-18 13:58:58 | 00,088,688 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])
DRV - [2006-09-18 13:58:54 | 00,097,184 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])
DRV - [2006-09-18 13:58:52 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])
DRV - [2006-09-18 13:58:48 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])
DRV - [2006-05-25 14:28:44 | 00,684,265 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Running])
DRV - [2004-08-13 11:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2003-08-12 13:51:00 | 00,060,255 | ---- | M] (STMicroelectronics ) -- C:\WINDOWS\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running])
DRV - [2003-08-04 12:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
DRV - [2002-09-16 16:14:32 | 00,004,228 | ---- | M] (PowerQuest Corporation) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv [System | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-25 08:09:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-20 14:50:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-20 11:22:59 | 00,000,000 | ---D | M]
[2008-08-15 00:16:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions
[2008-08-15 00:16:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010-03-15 15:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions
[2009-07-02 11:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-08-25 12:21:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-07-02 11:23:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009-07-18 10:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009-11-07 17:39:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\battlefieldheroespatcher@ea.com
[2010-01-03 12:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\DTToolbar@toolbarnet.com
[2009-09-16 21:06:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\SQLiteManager@mrinalkant.blogspot(2).com
[2010-01-03 12:28:45 | 00,002,059 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\8v8pxpyb.default\searchplugins\daemon-search.xml
[2009-07-02 11:23:55 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\8v8pxpyb.default\searchplugins\winamp-search.xml
[2010-03-15 15:57:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010-02-20 11:22:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-01-05 17:47:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008-08-16 10:57:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2010-02-20 11:22:53 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010-02-20 11:22:53 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2010-02-20 11:22:55 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-12-30 19:09:28 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-24 20:19:13 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Marcin\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.DLL (STMicroelectronics )
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [menustart] c:\loader.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O4 - HKCU..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl)
O4 - HKCU..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] d:\gry\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Wy¶lij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wy¶lij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bie¿±ca strona g³ówna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-03-20 16:42:25 | 00,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{358f700d-c249-11de-b5aa-00221517b36e}\Shell\AutoRun\command - "" = I:\1hqup.exe -- File not found
O33 - MountPoints2\{358f700d-c249-11de-b5aa-00221517b36e}\Shell\open\Command - "" = I:\1hqup.exe -- File not found
O33 - MountPoints2\{99800221-6d3d-11dd-b2cb-00221517b36e}\Shell\AutoRun\command - "" = I:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800221-6d3d-11dd-b2cb-00221517b36e}\Shell\open\Command - "" = I:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800222-6d3d-11dd-b2cb-00221517b36e}\Shell\AutoRun\command - "" = J:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800222-6d3d-11dd-b2cb-00221517b36e}\Shell\open\Command - "" = J:\8rcahp.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010-02-14 18:48:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Dane aplikacji\Download Manager
[2010-03-11 17:32:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Dane aplikacji\SecondLife
[2010-03-09 15:18:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Dane aplikacji\Utherverse
[2010-03-11 17:32:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\SecondLife
[2010-02-15 17:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-02-15 17:33:41 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-02-15 17:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010-02-15 17:34:28 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-02-15 17:37:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-03-11 17:32:02 | 00,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2010-03-03 16:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\Utherverse Digital Inc
[2010-03-15 17:01:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Pulpit\gmer
[2010-03-11 15:33:06 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010-03-10 15:30:04 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010-03-02 18:14:06 | 01,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010-02-18 15:55:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marcin\Pulpit\sbbymat
[2010-02-15 17:39:10 | 00,032,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2010-02-15 17:33:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-02-15 17:33:23 | 00,000,000 | RH-D | C] -- C:\MSOCache
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010-03-15 18:28:07 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-15 18:27:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-15 18:27:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-15 17:01:50 | 00,284,915 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\gmer.zip
[2010-03-15 17:01:46 | 01,287,334 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-15 17:01:46 | 00,566,888 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-15 17:01:46 | 00,503,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-15 17:01:46 | 00,111,192 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-15 17:01:46 | 00,089,672 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-15 16:55:35 | 00,050,477 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Defogger.exe
[2010-03-13 16:12:18 | 00,000,745 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\TibiaBot NG.lnk
[2010-03-11 17:32:32 | 00,000,764 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Second Life.lnk
[2010-03-11 17:25:37 | 00,356,024 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\Second_Life_Setup.exe
[2010-03-11 16:20:27 | 00,000,649 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk
[2010-03-10 19:47:24 | 00,002,069 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2010-03-10 18:33:53 | 00,000,476 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Marcin.job
[2010-03-02 18:29:25 | 03,175,034 | -H-- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-03-02 18:14:21 | 00,000,632 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-03-02 18:14:06 | 01,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010-03-02 06:30:12 | 31,648,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2010-03-01 09:28:56 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-02-21 17:51:17 | 00,035,840 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-20 20:52:21 | 00,071,624 | ---- | M] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-02-16 15:22:53 | 00,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-15 17:34:05 | 00,000,627 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-14 10:15:41 | 20,283,410 | ---- | M] () -- C:\Documents and Settings\Marcin\Pulpit\RagMaterials v3.0.rar
[color=#E56717]========== Files - No Company Name ==========[/color]
[2010-03-15 17:01:47 | 00,284,915 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\gmer.zip
[2010-03-15 16:55:34 | 00,050,477 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Defogger.exe
[2010-03-11 17:32:32 | 00,000,764 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Second Life.lnk
[2010-03-11 17:25:35 | 00,356,024 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\Second_Life_Setup.exe
[2010-03-02 18:09:08 | 00,000,632 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-02-14 10:10:31 | 20,283,410 | ---- | C] () -- C:\Documents and Settings\Marcin\Pulpit\RagMaterials v3.0.rar
[2009-12-23 18:32:45 | 00,446,976 | ---- | C] () -- C:\WINDOWS\System32\mysqlcppconn.dll
[2009-12-23 18:31:43 | 01,519,616 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009-12-04 16:17:36 | 00,324,096 | ---- | C] () -- C:\WINDOWS\System32\SDL.dll
[2009-11-28 19:15:26 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\SDL_ttf.dll
[2009-10-11 15:12:22 | 01,032,582 | ---- | C] () -- C:\WINDOWS\System32\alleg42.dll
[2009-06-18 20:35:54 | 01,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2009-06-12 15:34:48 | 00,045,936 | ---- | C] () -- C:\WINDOWS\php.ini
[2009-06-12 15:34:48 | 00,000,544 | ---- | C] () -- C:\WINDOWS\my.ini
[2009-04-25 18:41:39 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\12kCUusd.dll
[2008-11-28 08:12:28 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-11-22 21:29:35 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-09-18 15:36:34 | 00,020,808 | ---- | C] () -- C:\Documents and Settings\Marcin\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-08-18 19:02:08 | 00,000,161 | ---- | C] () -- C:\WINDOWS\DSLSetup.ini
[2008-08-18 19:02:07 | 00,684,265 | ---- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2008-08-18 10:23:50 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-08-18 10:23:49 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-08-17 18:03:14 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-17 16:13:59 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-08-17 16:13:59 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008-08-17 16:13:57 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-08-17 16:13:57 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-08-17 16:13:57 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-08-17 16:13:56 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-08-17 16:13:56 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-08-16 14:17:28 | 00,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-08-16 14:17:28 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Marcin\Dane aplikacji\PnkBstrK.sys
[2008-08-16 13:45:51 | 00,035,840 | ---- | C] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-08-16 07:37:57 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-08-14 15:37:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2008-08-14 15:07:39 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008-08-14 15:07:39 | 00,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008-08-14 15:07:37 | 00,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2008-08-14 15:07:37 | 00,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2008-08-14 14:43:17 | 00,036,025 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008-08-14 14:43:12 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-08-14 14:43:02 | 00,035,634 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008-08-14 14:43:02 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-08-14 14:37:57 | 03,175,034 | -H-- | C] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2008-08-14 14:21:44 | 00,071,624 | ---- | C] () -- C:\Documents and Settings\Marcin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-08-14 14:12:51 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Marcin\Dane aplikacji\desktop.ini
[2007-10-29 13:00:00 | 00,000,627 | ---- | C] () -- C:\WINDOWS\win.ini
[2007-10-29 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 408 bytes C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13
@Alternate Data Stream - 143 bytes C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
@Alternate Data Stream - 120 bytes C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317
< End of report >
Jednak wygl±da to tylko na same resztki.
Uruchom OTL w oknie Custom Scans/Fixes wklej:
:OTL
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
[2010-01-03 12:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marcin\Dane aplikacji\mozilla\Firefox\Profiles\8v8pxpyb.default\extensions\DTToolbar@toolbarnet.com
[2010-01-03 12:28:45 | 00,002,059 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\8v8pxpyb.default\searchplugins\daemon-search.xml
[2009-07-02 11:23:55 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\Marcin\Dane aplikacji\Mozilla\FireFox\Profiles\8v8pxpyb.default\searchplugins\winamp-search.xml
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [menustart] c:\loader.exe File not found
O4 - HKCU..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe File not found
O33 - MountPoints2\{358f700d-c249-11de-b5aa-00221517b36e}\Shell\AutoRun\command - "" = I:\1hqup.exe -- File not found
O33 - MountPoints2\{358f700d-c249-11de-b5aa-00221517b36e}\Shell\open\Command - "" = I:\1hqup.exe -- File not found
O33 - MountPoints2\{99800221-6d3d-11dd-b2cb-00221517b36e}\Shell\AutoRun\command - "" = I:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800221-6d3d-11dd-b2cb-00221517b36e}\Shell\open\Command - "" = I:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800222-6d3d-11dd-b2cb-00221517b36e}\Shell\AutoRun\command - "" = J:\8rcahp.exe -- File not found
O33 - MountPoints2\{99800222-6d3d-11dd-b2cb-00221517b36e}\Shell\open\Command - "" = J:\8rcahp.exe -- File not found
:Files
C:\Program Files\DAEMON Tools Toolbar
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
:Commands
[emptytemp]
Klikasz Run Fix. Nastêpnie:
W OTL kliknij CleanUp
Przeczy¶æ dysk oraz rejestr CCleaner
Wy³±cz i w³±cz przywracanie systemu na wszystkich dyskach Instrukcja
Wykonaj pe³ne skanowanie Malwarebytes' Anti-Malware - je¶li co¶ znajdzie usuñ i daj raport
Log(jeszcze nie zrestartowalem kompa, ale t chyba ni ma roznicy?)
Malwarebytes' Anti-Malware 1.44
Wersja bazy definicji: 3874
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702
2010-03-16 21:52:36
mbam-log-2010-03-16 (21-52-36).txt
Typ skanowania: Pe³ne skanowanie (C:\|D:\|E:\|)
Przeskanowane obiekty: 533671
Up³ynê³o: 2 hour(s), 32 minute(s), 2 second(s)
Zainfekowane procesy w pamiêci: 0
Zainfekowane modu³y pamiêci: 0
Zainfekowane klucze rejestru: 8
Zainfekowane warto¶ci rejestru: 1
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 3
Zainfekowane procesy w pamiêci:
(Nie wykryto gro¼nych plików)
Zainfekowane modu³y pamiêci:
(Nie wykryto gro¼nych plików)
Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin.1 (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{37b85a2c-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) Quarantined and deleted successfully.
Zainfekowane warto¶ci rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) Quarantined and deleted successfully.
Zainfekowane pliki rejestru:
(Nie wykryto gro¼nych plików)
Zainfekowane foldery:
(Nie wykryto gro¼nych plików)
Zainfekowane pliki:
E:\ze starego kompa\ca³y dysk D\Install\ACDsee32 3.0\TNT-ACDSee.v3.0.b1209.exe (Trojan.Agent.CK) Quarantined and deleted successfully.
E:\ze starego kompa\Documents and Settings\Meissner\Ustawienia lokalne\Dane aplikacji\Menu.exe (Trojan.Agent) Quarantined and deleted successfully.
C:\WINDOWS\Sysvxd.exe (Trojan.FakeAlert) Quarantined and deleted successfully.
Skoro usuniête, to powinno byæ ok.
OK. dzieki wielkie.
