Log kontrolny - OTL 24.05.10
Prośba o przeanalizowanie loga z otl
Prośba o analizę loga OTL
problem mojego kolegi z cryslerem
Dobór sprzętu dla kolegi
w jakiej aplikacji to wykonaÄ?
sprzedam siemensa c65
FTP zamiast torrent :)
Blog o Ozorkowie
??
chomiki
Witam. Kumpel ma problem z kompem, którego osobiście na oczy nie widziałem... Komp jest zamulony, wykres użycia procesora jest cały czas niepokojący (100%). Komp ma już swoje lata, działa nie stabilnie, muli się, lubi się zawiesić. Podejrzewam w pierwszej kolejności infekcje, choć kolega upiera się, że skanował kompa i wykrył wszystkie wirusy. Jeżeli to nie wirus to pewnie poprosu problem sprzętowy...Kazałem kumplowi zrobić log OTLem, GMERA nie ryzykowałem bo z mam z nim kiepskie doświadczenia (3 godziny skanowania zakończone BSODem)...
OTL logfile created on: 2010-04-14 19:30:48 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
767,00 Mb Total Physical Memory | 289,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 0,99 Gb Free Space | 5,08% Space Free | Partition Type: NTFS
Drive D: | 25,39 Gb Total Space | 9,64 Gb Free Space | 37,98% Space Free | Partition Type: NTFS
Drive E: | 29,59 Gb Total Space | 6,02 Gb Free Space | 20,33% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DOMEK
Current User Name: Rodzinka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-04-14 19:29:20 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads\OTL.exe
PRC - [2010-04-07 21:08:52 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010-04-07 21:08:30 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010-04-01 20:05:59 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-01-29 21:12:14 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
PRC - [2004-04-28 11:19:50 | 000,066,048 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
========== Modules (SafeList) ==========
MOD - [2010-04-14 19:29:20 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010-04-07 21:13:20 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-04-07 21:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-10-25 02:28:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
========== Driver Services (SafeList) ==========
DRV - [2010-04-07 21:09:48 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-04-07 21:08:36 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-07 21:05:12 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-03-08 17:14:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-11-30 15:14:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006-11-30 15:14:14 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006-11-30 15:14:10 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006-11-30 15:14:10 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006-11-30 15:14:04 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006-11-30 15:14:04 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006-11-30 15:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006-02-17 20:34:18 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2006-02-17 20:34:16 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2006-02-17 20:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2005-11-11 07:47:00 | 003,532,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-06-29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004-04-28 12:10:22 | 000,616,124 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-02-24 05:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com...&ctid=CT1098640
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-02-14 16:43:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-07 17:29:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-07 17:28:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-13 17:18:15 | 000,000,000 | ---D | M]
[2008-08-13 22:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Extensions
[2010-04-13 21:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Firefox\Profiles\default.pl2\extensions
[2010-02-23 00:02:59 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Firefox\Profiles\default.pl2\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-04-13 21:10:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007-12-19 14:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (XML Class) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - Reg Error: Value error. File not found
O2 - BHO: (TBSB09293 Class) - {57F9FEF0-6EAE-4030-A68A-30FDC38B1B13} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Rodzinka\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (SampleToolbar X) - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SampleToolbar X) - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe File not found
O4 - HKLM..\Run: [dickngv] C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [okcybda] C:\Program Files\Common Files\System\foqodpx.exe File not found
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMan] C:\windows\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Cognac] C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\b.exe File not found
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [PowerBar] File not found
O4 - HKCU..\Run: [wsctf.exe] File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\Rodzinka\Menu Start\Programy\Autostart\syspck32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Office12\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedi...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macrom...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\360rpt.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\360Safe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\360tray.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\adam.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AgentSvr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AppSvc32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\ArSwp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\autoruns.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avgrssvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AvMonitor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avp.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\CCenter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\EGHOST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FileDsty.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FTCleanerShell.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FYFireWall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\HijackThis.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\IceSword.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\iparmo.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Iparmor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\isPwdSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kabaload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KaScrScn.SCR: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KASMain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KASTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAV32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVDX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVPF.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVPFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVSetup.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVStart.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KISLnchr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KMailMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KMFilter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPFW32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPFW32X.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPfwSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KRegEx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KRepair.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KsLoader.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVCenter.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvDetect.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvfwMcl.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVMonXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVMonXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvolself.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvReport.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVScan.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVSrvXP.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVStub.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvupload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvwsc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatch.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatch9x.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatchX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\loaddll.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\MagicSet.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mcconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mmqczj.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mmsk.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Navapsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Navapw32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32krn.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32kui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\NPFMntor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\PFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\PFWLiveUpdate.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QHSET.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QQDoctor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QQKav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Ras.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Rav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavMonD.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavStub.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RegClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwcfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwmain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwsrv.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RsAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Rsaupd.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\runiep.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\safelive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\scan32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\shcfg32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SmartUp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SREng.EXE: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SysSafe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\TrojanDetector.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Trojanwall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\TrojDie.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UIHost.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxAttachment.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxCfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxFwHlp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxPol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\upiea.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UpLive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\USBCleaner.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\WoptiClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\AutoRun\command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\explore\Command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\open\Command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\AutoRun\command - "" = d.com
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\explore\Command - "" = d.com
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\open\Command - "" = d.com
O33 - MountPoints2\{ab19fa09-790d-11dd-88fe-00110900ff86}\Shell - "" = AutoRun
O33 - MountPoints2\{ab19fa09-790d-11dd-88fe-00110900ff86}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ab19fa0a-790d-11dd-88fe-00110900ff86}\Shell - "" = AutoRun
O33 - MountPoints2\{bc1ef5fa-2b24-11de-9414-00110900ff86}\Shell\AutoRun\command - "" = f2kmj.exe
O33 - MountPoints2\{bc1ef5fa-2b24-11de-9414-00110900ff86}\Shell\open\Command - "" = f2kmj.exe
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\AutoRun\command - "" = I:\d.com -- File not found
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\explore\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\open\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{cf746492-3979-11de-944e-00110900ff86}\Shell\Open(&0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\AutoRun\command - "" = d.com
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\explore\Command - "" = d.com
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\open\Command - "" = d.com
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-04-08 17:18:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-04-07 21:09:48 | 000,095,872 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfwtdir.sys
[2010-04-07 21:08:36 | 000,114,984 | ---- | C] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010-04-07 21:05:12 | 000,140,216 | ---- | C] (ESET) -- C:\windows\System32\drivers\eamon.sys
[2010-04-04 23:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Recover Files
[2010-03-30 23:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Prezentacja
[2010-03-22 17:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Pulpit\Matura język polski
[2010-03-19 23:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Moje dokumenty\My Games
[2010-03-19 23:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pocket Tanks Deluxe
[2010-02-14 16:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-06 22:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-02-06 22:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-02-09 21:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2009-02-02 22:38:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-02-02 22:38:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-02-02 22:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[5 C:\windows\*.tmp files C:\windows\*.tmp ]
[1 C:\windows\System32\*.tmp files C:\windows\System32\*.tmp ]
========== Files - Modified Within 30 Days ==========
[2010-04-14 19:43:32 | 000,804,864 | ---- | M] () -- C:\windows\System32\drivers\wvugzt.sys
[2010-04-14 19:00:01 | 000,000,290 | -H-- | M] () -- C:\windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2010-04-14 19:00:00 | 000,000,246 | -H-- | M] () -- C:\windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010-04-14 18:46:17 | 000,041,237 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010-04-14 18:46:16 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010-04-14 18:46:03 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010-04-14 18:04:43 | 020,185,088 | -H-- | M] () -- C:\Documents and Settings\Rodzinka\NTUSER.DAT
[2010-04-14 18:04:43 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Rodzinka\ntuser.ini
[2010-04-13 23:13:04 | 000,101,888 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-13 18:05:10 | 000,000,274 | ---- | M] () -- C:\windows\system.ini
[2010-04-13 16:56:59 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[2010-04-09 09:40:57 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\fiszka_bib_wzor.doc
[2010-04-08 22:45:32 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\oółwiadczenie.doc
[2010-04-08 21:57:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2010-04-07 21:09:48 | 000,095,872 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfwtdir.sys
[2010-04-07 21:08:36 | 000,114,984 | ---- | M] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010-04-07 21:05:12 | 000,140,216 | ---- | M] (ESET) -- C:\windows\System32\drivers\eamon.sys
[2010-04-07 20:49:45 | 000,863,956 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Prezentacja programu Microsoft Office PowerPoint.pptx
[2010-04-07 19:07:57 | 000,019,752 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\N1Vision_modem_router_2.jpg
[2010-04-07 18:35:39 | 000,069,422 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\img_63561_xps_m1730blue_300.jpg
[2010-04-07 17:29:12 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-04-07 12:24:31 | 000,000,116 | ---- | M] () -- C:\windows\System32\fjhdyfhsn.bat
[2010-04-06 19:39:54 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Dane aplikacji\avdrn.dat
[2010-03-31 16:40:14 | 000,029,551 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\d_s60155109z_15g_0045ct_o.jpg
[2010-03-30 23:12:06 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Bibliografia.doc
[2010-03-30 23:02:16 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Office Word 97–2003.doc
[2010-03-28 23:43:47 | 000,016,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Hall of fame.docx
[2010-03-28 19:09:57 | 000,765,820 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010-03-28 19:09:57 | 000,356,508 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2010-03-28 19:09:57 | 000,312,184 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010-03-28 19:09:57 | 000,050,048 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2010-03-28 19:09:57 | 000,040,380 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010-03-25 17:21:26 | 000,069,696 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-24 23:51:41 | 000,448,512 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Marcin Kieliszek IVD.doc
[2010-03-24 23:32:14 | 001,561,848 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010-03-21 18:58:18 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word (2).doc
[2010-03-21 17:57:48 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word.doc
[2010-03-21 15:13:00 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Rózne obrazy wsi w literaturze.doc
[2010-03-19 23:42:25 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pocket Tanks Deluxe.lnk
[2010-03-19 23:19:28 | 000,012,974 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS2.jpg
[2010-03-19 23:16:04 | 000,076,373 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS1.jpg
[2010-03-19 23:08:42 | 000,091,100 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS.jpg
[2010-03-15 23:12:56 | 003,436,536 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\dan balan - chica bomb.mp3
[2010-03-15 23:09:21 | 004,645,691 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\whitney houston - i have nothing.mp3
[5 C:\windows\*.tmp files C:\windows\*.tmp ]
[1 C:\windows\System32\*.tmp files C:\windows\System32\*.tmp ]
========== Files Created - No Company Name ==========
[2010-04-08 21:57:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2010-04-08 15:07:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\oółwiadczenie.doc
[2010-04-08 15:06:23 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\fiszka_bib_wzor.doc
[2010-04-07 19:07:51 | 000,019,752 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\N1Vision_modem_router_2.jpg
[2010-04-07 18:35:28 | 000,069,422 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\img_63561_xps_m1730blue_300.jpg
[2010-04-07 18:15:20 | 000,863,956 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Prezentacja programu Microsoft Office PowerPoint.pptx
[2010-04-07 12:24:31 | 000,000,116 | ---- | C] () -- C:\windows\System32\fjhdyfhsn.bat
[2010-04-06 19:40:17 | 000,804,864 | ---- | C] () -- C:\windows\System32\drivers\wvugzt.sys
[2010-04-06 19:39:57 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\jasltw.dat
[2010-04-06 19:39:54 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Dane aplikacji\avdrn.dat
[2010-03-31 16:40:11 | 000,029,551 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\d_s60155109z_15g_0045ct_o.jpg
[2010-03-30 23:01:47 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Office Word 97–2003.doc
[2010-03-28 23:43:26 | 000,016,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Hall of fame.docx
[2010-03-24 23:52:27 | 000,448,512 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Marcin Kieliszek IVD.doc
[2010-03-21 18:58:18 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word (2).doc
[2010-03-21 17:40:42 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word.doc
[2010-03-21 15:09:08 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Rózne obrazy wsi w literaturze.doc
[2010-03-19 23:42:25 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pocket Tanks Deluxe.lnk
[2010-03-19 23:19:28 | 000,012,974 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS2.jpg
[2010-03-19 23:16:03 | 000,076,373 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS1.jpg
[2010-03-19 23:08:41 | 000,091,100 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS.jpg
[2010-03-15 21:43:39 | 003,436,536 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\dan balan - chica bomb.mp3
[2010-02-28 18:34:27 | 000,000,079 | ---- | C] () -- C:\windows\pit2009.ini
[2010-02-28 18:34:27 | 000,000,021 | ---- | C] () -- C:\windows\pit2007.ini
[2010-02-15 19:34:18 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel
[2009-10-24 18:27:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.JIJB2U
[2009-10-24 18:25:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.2OYE2U
[2009-10-24 18:17:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.X4TQ2U
[2009-10-24 18:15:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.QHDN2U
[2009-10-24 17:55:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.CUQP2U
[2009-10-24 17:55:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.SSQP2U
[2009-10-24 17:44:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.PF9A2U
[2009-10-24 17:40:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.CE2J2U
[2009-10-24 17:29:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.D12M2U
[2009-09-08 23:13:08 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009-09-08 23:13:05 | 000,795,648 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009-09-08 23:13:05 | 000,130,048 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009-09-08 23:13:04 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009-09-08 23:13:03 | 000,084,480 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009-09-08 23:13:03 | 000,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2008-09-14 09:21:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Podcasting
[2008-09-14 09:21:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Pipe Organ
[2008-09-12 20:16:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdu.DAT
[2008-09-12 20:16:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Pop Flute
[2008-06-25 19:27:03 | 000,000,000 | ---- | C] () -- C:\windows\mngui.INI
[2008-06-01 15:07:27 | 000,000,404 | ---- | C] () -- C:\windows\BRWMARK.INI
[2008-06-01 15:07:27 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2008-06-01 15:04:24 | 000,031,567 | ---- | C] () -- C:\windows\maxlink.ini
[2008-05-30 22:20:27 | 000,000,023 | ---- | C] () -- C:\windows\BlendSettings.ini
[2008-05-30 21:30:24 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008-05-30 21:30:00 | 000,101,888 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-05-30 21:28:02 | 000,000,421 | ---- | C] () -- C:\windows\ODBC.INI
[2008-05-30 21:22:59 | 000,157,696 | ---- | C] () -- C:\windows\System32\unrar.dll
[2008-05-30 21:20:01 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2008-05-30 21:05:25 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008-05-30 21:01:12 | 000,155,648 | ---- | C] () -- C:\windows\System32\RTLCPAPI.dll
[2008-05-30 20:52:38 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Rodzinka\ntuser.dat.LOG
[2008-05-30 20:52:38 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Rodzinka\ntuser.ini
[2008-05-30 20:52:36 | 020,185,088 | -H-- | C] () -- C:\Documents and Settings\Rodzinka\NTUSER.DAT
[2005-11-11 07:47:00 | 001,662,976 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2005-11-11 07:47:00 | 001,466,368 | ---- | C] () -- C:\windows\System32\nview.dll
[2005-11-11 07:47:00 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2005-11-11 07:47:00 | 000,573,440 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2005-11-11 07:47:00 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2005-11-11 07:47:00 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2005-11-11 07:47:00 | 000,086,016 | ---- | C] () -- C:\windows\System32\nvapi.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
========== LOP Check ==========
[2009-04-26 10:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-02-14 16:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2008-09-12 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp
[2009-02-05 22:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-14 16:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-07-19 11:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-02-14 16:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-06-01 15:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft
[2008-06-26 13:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-12-28 21:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2008-09-12 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15
[2009-05-24 10:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\BearShare
[2009-04-26 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools
[2009-04-19 21:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools Lite
[2009-04-26 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools Pro
[2008-06-01 16:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Datalayer
[2008-09-11 20:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Dev-Cpp
[2008-08-13 22:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Gadu-Gadu
[2010-02-10 19:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\gtk-2.0
[2010-02-10 17:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Inkscape
[2008-05-30 21:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\InterTrust
[2010-02-17 14:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\NFS Underground 2
[2008-09-12 20:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nikon
[2010-02-14 16:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nokia
[2009-02-10 21:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nowe Gadu-Gadu
[2009-04-21 16:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\OpenFM
[2010-02-14 16:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\PC Suite
[2009-05-23 19:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\ScanSoft
[2008-06-25 19:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Teleca
[2009-10-03 01:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\uTorrent
[2010-04-14 19:00:00 | 000,000,246 | -H-- | M] () -- C:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010-04-14 19:00:01 | 000,000,290 | -H-- | M] () -- C:\windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
========== Purity Check ==========
< End of report >
Pobierz The Avenger w pole Input script here wklej poniższy tekst:
Files to delete:
C:\Documents and Settings\Rodzinka\Menu Start\Programy\Autostart\syspck32.exe
C:\windows\System32\drivers\wvugzt.sys
C:\windows\System32\fjhdyfhsn.bat
C:\Documents and Settings\NetworkService\Dane aplikacji\jasltw.dat
C:\Documents and Settings\Rodzinka\Dane aplikacji\avdrn.dat
C:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
C:\windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
Drivers to delete:
wvugzt
klikasz Execute Potwierdzasz i zgadzasz się na restart klikając OK.
Po wykonaniu wklej raport na forum C:\avenger.txt
Uruchom OTL w oknie Custom Scans/Fixes wklej:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com...&ctid=CT1098640
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (XML Class) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - Reg Error: Value error. File not found
O2 - BHO: (TBSB09293 Class) - {57F9FEF0-6EAE-4030-A68A-30FDC38B1B13} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (SampleToolbar X) - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SampleToolbar X) - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop\DospopToolbar\dospop.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe File not found
O4 - HKLM..\Run: [dickngv] C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O4 - HKLM..\Run: [okcybda] C:\Program Files\Common Files\System\foqodpx.exe File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKCU..\Run: [Cognac] C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\b.exe File not found
O4 - HKCU..\Run: [PowerBar] File not found
O4 - HKCU..\Run: [wsctf.exe] File not found
O4 - HKLM..\RunOnceEx: [] File not found
O27 - HKLM IFEO\360rpt.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\360Safe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\360tray.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\adam.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AgentSvr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AppSvc32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\ArSwp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\autoruns.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avgrssvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\AvMonitor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avp.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\avp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\CCenter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\EGHOST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FileDsty.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FTCleanerShell.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\FYFireWall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\HijackThis.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\IceSword.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\iparmo.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Iparmor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\isPwdSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kabaload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KaScrScn.SCR: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KASMain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KASTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAV32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVDX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVPF.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVPFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVSetup.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KAVStart.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KISLnchr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KMailMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KMFilter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPFW32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPFW32X.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KPfwSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KRegEx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KRepair.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KsLoader.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVCenter.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvDetect.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvfwMcl.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVMonXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVMonXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvolself.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvReport.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVScan.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVSrvXP.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KVStub.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvupload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\kvwsc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KvXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatch.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatch9x.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\KWatchX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\loaddll.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\MagicSet.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mcconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mmqczj.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\mmsk.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Navapsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Navapw32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32krn.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\nod32kui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\NPFMntor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\PFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\PFWLiveUpdate.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QHSET.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QQDoctor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\QQKav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Ras.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Rav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavMonD.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavStub.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RavTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RegClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwcfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwmain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rfwsrv.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\RsAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Rsaupd.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\runiep.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\safelive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\scan32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\shcfg32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SmartUp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SREng.EXE: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\SysSafe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\TrojanDetector.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\Trojanwall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\TrojDie.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UIHost.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxAttachment.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxCfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxFwHlp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UmxPol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\upiea.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\UpLive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\USBCleaner.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O27 - HKLM IFEO\WoptiClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\aibuhpk.exe File not found
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\AutoRun\command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\explore\Command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3194fbf-2765-11de-9405-00110900ff86}\Shell\open\Command - "" = G:\RavMon.exe -- File not found
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\AutoRun\command - "" = d.com
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\explore\Command - "" = d.com
O33 - MountPoints2\{a3f92668-2ed7-11dd-8881-00110900ff86}\Shell\open\Command - "" = d.com
O33 - MountPoints2\{ab19fa09-790d-11dd-88fe-00110900ff86}\Shell - "" = AutoRun
O33 - MountPoints2\{bc1ef5fa-2b24-11de-9414-00110900ff86}\Shell\AutoRun\command - "" = f2kmj.exe
O33 - MountPoints2\{bc1ef5fa-2b24-11de-9414-00110900ff86}\Shell\open\Command - "" = f2kmj.exe
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\AutoRun\command - "" = I:\d.com -- File not found
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\explore\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{c5a4a00a-3fa9-11dd-889f-00110900ff86}\Shell\open\Command - "" = I:\d.com -- File not found
O33 - MountPoints2\{cf746492-3979-11de-944e-00110900ff86}\Shell\Open(&0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\AutoRun\command - "" = d.com
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\explore\Command - "" = d.com
O33 - MountPoints2\{d3edfd34-66df-11dd-88ce-00110900ff86}\Shell\open\Command - "" = d.com
:Files
C:\Program Files\free-downloads.net
C:\Program Files\DosPop\DospopToolbar
C:\Program Files\DAEMON Tools Toolbar
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndexSearch"=-
"NeroFilterCheck"=-
"nwiz"=-
"RemoteControl"=-
"SoundMan"=-
"SSBkgdUpdate"=-
"WinampAgent"=-
:Commands
[emptytemp]
Klikasz Run Fix. Dajesz log z usuwania + nowy log z OTL
Jest lepiej Procesor nie jest już dziwnie obciążony ;D
Log The Avenger z usuwania:
http://wklejto.pl/64022
Log OTL z usuwania:
http://www.wklejto.pl/64023
Nowy log OTL:
OTL logfile created on: 2010-04-15 20:44:34 - Run 2
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
767,00 Mb Total Physical Memory | 342,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,31 Gb Free Space | 16,92% Space Free | Partition Type: NTFS
Drive D: | 25,39 Gb Total Space | 9,65 Gb Free Space | 37,99% Space Free | Partition Type: NTFS
Drive E: | 29,59 Gb Total Space | 6,02 Gb Free Space | 20,33% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DOMEK
Current User Name: Rodzinka
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-04-14 19:29:20 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads\OTL.exe
PRC - [2010-04-07 21:08:52 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010-04-07 21:08:30 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010-04-01 20:05:59 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-01-29 21:12:14 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
========== Modules (SafeList) ==========
MOD - [2010-04-14 19:29:20 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010-04-07 21:13:20 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-04-07 21:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-10-25 02:28:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
========== Driver Services (SafeList) ==========
DRV - [2010-04-07 21:09:48 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-04-07 21:08:36 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-07 21:05:12 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-03-08 17:14:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-11-30 15:14:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006-11-30 15:14:14 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006-11-30 15:14:10 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006-11-30 15:14:10 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006-11-30 15:14:04 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006-11-30 15:14:04 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006-11-30 15:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006-02-17 20:34:18 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2006-02-17 20:34:16 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2006-02-17 20:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2005-11-11 07:47:00 | 003,532,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-06-29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004-04-28 12:10:22 | 000,616,124 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-02-24 05:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.s...r/fix_homepage/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.s...r/fix_homepage/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.s...r/fix_homepage/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.s...r/fix_homepage/
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-02-14 16:43:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-07 17:29:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-07 17:28:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-13 17:18:15 | 000,000,000 | ---D | M]
[2008-08-13 22:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Extensions
[2010-04-14 21:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Firefox\Profiles\default.pl2\extensions
[2010-02-23 00:02:59 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Mozilla\Firefox\Profiles\default.pl2\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-04-14 21:18:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007-12-19 14:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Rodzinka\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKU\S-1-5-21-2052111302-1960408961-839522115-1004..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2052111302-1960408961-839522115-1004..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\.DEFAULT..\RunOnce: [] File not found
O4 - HKU\S-1-5-18..\RunOnce: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [] File not found
O4 - HKU\S-1-5-20..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-2052111302-1960408961-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Office12\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedi...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/updat...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macrom...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ab19fa0a-790d-11dd-88fe-00110900ff86}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-04-15 16:18:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-04-15 16:13:23 | 000,000,000 | ---D | C] -- C:\Avenger
[2010-04-08 17:18:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-04-07 21:09:48 | 000,095,872 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfwtdir.sys
[2010-04-07 21:08:36 | 000,114,984 | ---- | C] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010-04-07 21:05:12 | 000,140,216 | ---- | C] (ESET) -- C:\windows\System32\drivers\eamon.sys
[2010-04-04 23:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Recover Files
[2010-03-30 23:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Prezentacja
[2010-03-22 17:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Pulpit\Matura język polski
[2010-03-19 23:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodzinka\Moje dokumenty\My Games
[2010-03-19 23:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pocket Tanks Deluxe
[2010-02-14 16:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-06 22:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-02-06 22:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-02-09 21:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2009-02-02 22:38:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-02-02 22:38:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-02-02 22:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
========== Files - Modified Within 30 Days ==========
[2010-04-15 20:42:00 | 000,041,237 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010-04-15 20:41:57 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010-04-15 20:41:54 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010-04-15 17:17:11 | 020,185,088 | -H-- | M] () -- C:\Documents and Settings\Rodzinka\NTUSER.DAT
[2010-04-15 17:17:11 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Rodzinka\ntuser.ini
[2010-04-15 16:41:40 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2010-04-14 23:19:07 | 003,597,451 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\hey love - an original alyssa bernal.mp3
[2010-04-14 22:39:53 | 000,073,773 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\36024908_640.jpg
[2010-04-13 23:13:04 | 000,101,888 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-13 18:05:10 | 000,000,274 | ---- | M] () -- C:\windows\system.ini
[2010-04-13 16:56:59 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[2010-04-09 09:40:57 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\fiszka_bib_wzor.doc
[2010-04-08 22:45:32 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\oółwiadczenie.doc
[2010-04-08 21:57:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2010-04-07 21:09:48 | 000,095,872 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfwtdir.sys
[2010-04-07 21:08:36 | 000,114,984 | ---- | M] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010-04-07 21:05:12 | 000,140,216 | ---- | M] (ESET) -- C:\windows\System32\drivers\eamon.sys
[2010-04-07 20:49:45 | 000,863,956 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Prezentacja programu Microsoft Office PowerPoint.pptx
[2010-04-07 19:07:57 | 000,019,752 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\N1Vision_modem_router_2.jpg
[2010-04-07 18:35:39 | 000,069,422 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\img_63561_xps_m1730blue_300.jpg
[2010-04-07 17:29:12 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-31 16:40:14 | 000,029,551 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\d_s60155109z_15g_0045ct_o.jpg
[2010-03-30 23:12:06 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Bibliografia.doc
[2010-03-30 23:02:16 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Office Word 97–2003.doc
[2010-03-28 23:43:47 | 000,016,064 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Hall of fame.docx
[2010-03-28 19:09:57 | 000,765,820 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010-03-28 19:09:57 | 000,356,508 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2010-03-28 19:09:57 | 000,312,184 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010-03-28 19:09:57 | 000,050,048 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2010-03-28 19:09:57 | 000,040,380 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010-03-25 17:21:26 | 000,069,696 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-24 23:51:41 | 000,448,512 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\Marcin Kieliszek IVD.doc
[2010-03-24 23:32:14 | 001,561,848 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010-03-21 18:58:18 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word (2).doc
[2010-03-21 17:57:48 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word.doc
[2010-03-21 15:13:00 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Rózne obrazy wsi w literaturze.doc
[2010-03-19 23:42:25 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pocket Tanks Deluxe.lnk
[2010-03-19 23:19:28 | 000,012,974 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS2.jpg
[2010-03-19 23:16:04 | 000,076,373 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS1.jpg
[2010-03-19 23:08:42 | 000,091,100 | ---- | M] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS.jpg
========== Files Created - No Company Name ==========
[2010-04-14 22:48:24 | 003,597,451 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\hey love - an original alyssa bernal.mp3
[2010-04-14 22:39:02 | 000,073,773 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\36024908_640.jpg
[2010-04-08 21:57:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Dokument programu Microsoft Office Word.docx
[2010-04-08 15:07:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\oółwiadczenie.doc
[2010-04-08 15:06:23 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\fiszka_bib_wzor.doc
[2010-04-07 19:07:51 | 000,019,752 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\N1Vision_modem_router_2.jpg
[2010-04-07 18:35:28 | 000,069,422 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\img_63561_xps_m1730blue_300.jpg
[2010-04-07 18:15:20 | 000,863,956 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Nowy Prezentacja programu Microsoft Office PowerPoint.pptx
[2010-03-31 16:40:11 | 000,029,551 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\d_s60155109z_15g_0045ct_o.jpg
[2010-03-30 23:01:47 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Office Word 97–2003.doc
[2010-03-28 23:43:26 | 000,016,064 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Hall of fame.docx
[2010-03-24 23:52:27 | 000,448,512 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\Marcin Kieliszek IVD.doc
[2010-03-21 18:58:18 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word (2).doc
[2010-03-21 17:40:42 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Nowy Dokument programu Microsoft Word.doc
[2010-03-21 15:09:08 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Moje dokumenty\Rózne obrazy wsi w literaturze.doc
[2010-03-19 23:42:25 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pocket Tanks Deluxe.lnk
[2010-03-19 23:19:28 | 000,012,974 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS2.jpg
[2010-03-19 23:16:03 | 000,076,373 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS1.jpg
[2010-03-19 23:08:41 | 000,091,100 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Pulpit\GPS.jpg
[2010-02-28 18:34:27 | 000,000,079 | ---- | C] () -- C:\windows\pit2009.ini
[2010-02-28 18:34:27 | 000,000,021 | ---- | C] () -- C:\windows\pit2007.ini
[2010-02-15 19:34:18 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel
[2009-10-24 18:27:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.JIJB2U
[2009-10-24 18:25:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.2OYE2U
[2009-10-24 18:17:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.X4TQ2U
[2009-10-24 18:15:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.QHDN2U
[2009-10-24 17:55:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.CUQP2U
[2009-10-24 17:55:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.SSQP2U
[2009-10-24 17:44:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.PF9A2U
[2009-10-24 17:40:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.CE2J2U
[2009-10-24 17:29:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\.recently-used.xbel.D12M2U
[2009-09-08 23:13:08 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009-09-08 23:13:05 | 000,795,648 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009-09-08 23:13:05 | 000,130,048 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009-09-08 23:13:04 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009-09-08 23:13:03 | 000,084,480 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009-09-08 23:13:03 | 000,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2008-09-14 09:21:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Podcasting
[2008-09-14 09:21:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Pipe Organ
[2008-09-12 20:16:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdu.DAT
[2008-09-12 20:16:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Pop Flute
[2008-06-25 19:27:03 | 000,000,000 | ---- | C] () -- C:\windows\mngui.INI
[2008-06-01 15:07:27 | 000,000,404 | ---- | C] () -- C:\windows\BRWMARK.INI
[2008-06-01 15:07:27 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2008-06-01 15:04:24 | 000,031,567 | ---- | C] () -- C:\windows\maxlink.ini
[2008-05-30 22:20:27 | 000,000,023 | ---- | C] () -- C:\windows\BlendSettings.ini
[2008-05-30 21:30:24 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008-05-30 21:30:00 | 000,101,888 | ---- | C] () -- C:\Documents and Settings\Rodzinka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-05-30 21:28:02 | 000,000,421 | ---- | C] () -- C:\windows\ODBC.INI
[2008-05-30 21:22:59 | 000,157,696 | ---- | C] () -- C:\windows\System32\unrar.dll
[2008-05-30 21:20:01 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2008-05-30 21:05:25 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008-05-30 21:01:12 | 000,155,648 | ---- | C] () -- C:\windows\System32\RTLCPAPI.dll
[2008-05-30 20:52:38 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Rodzinka\ntuser.dat.LOG
[2008-05-30 20:52:38 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Rodzinka\ntuser.ini
[2008-05-30 20:52:36 | 020,185,088 | -H-- | C] () -- C:\Documents and Settings\Rodzinka\NTUSER.DAT
[2005-11-11 07:47:00 | 001,662,976 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2005-11-11 07:47:00 | 001,466,368 | ---- | C] () -- C:\windows\System32\nview.dll
[2005-11-11 07:47:00 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2005-11-11 07:47:00 | 000,573,440 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2005-11-11 07:47:00 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2005-11-11 07:47:00 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2005-11-11 07:47:00 | 000,086,016 | ---- | C] () -- C:\windows\System32\nvapi.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
========== LOP Check ==========
[2009-04-26 10:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-02-14 16:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2008-09-12 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp
[2009-02-05 22:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-14 16:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-07-19 11:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-02-14 16:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-06-01 15:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft
[2008-06-26 13:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-12-28 21:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2008-09-12 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15
[2009-05-24 10:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\BearShare
[2009-04-26 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools
[2009-04-19 21:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools Lite
[2009-04-26 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\DAEMON Tools Pro
[2008-06-01 16:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Datalayer
[2008-09-11 20:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Dev-Cpp
[2008-08-13 22:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Gadu-Gadu
[2010-02-10 19:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\gtk-2.0
[2010-02-10 17:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Inkscape
[2008-05-30 21:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\InterTrust
[2010-02-17 14:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\NFS Underground 2
[2008-09-12 20:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nikon
[2010-02-14 16:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nokia
[2009-02-10 21:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Nowe Gadu-Gadu
[2009-04-21 16:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\OpenFM
[2010-02-14 16:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\PC Suite
[2009-05-23 19:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\ScanSoft
[2008-06-25 19:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\Teleca
[2009-10-03 01:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodzinka\Dane aplikacji\uTorrent
========== Purity Check ==========
< End of report >
Uruchom OTL w oknie Custom Scans/Fixes wklej:
:OTL
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
Klikasz Run Fix, później CleanUp
Przeczyść dysk oraz rejestr CCleaner
Wyłącz i włącz przywracanie systemu na wszystkich dyskach Instrukcja
Wykonaj pełne skanowanie Malwarebytes' Anti-Malware - jeśli coś znajdzie usuń i daj raport
