Aktualizacja avira antivir - łączenie się z internetem

**Posty:** 300 · przez **sgsman** 16 Maj 2009, 17:27

Witam,
kilka dni temu zauważyłem, że moja AviraAntivir miała problemy z aktualizacją i moja baza wirusów się zdeaktualizowała.
jako że nie mogłem owej bazy uaktualnić, postanowiłem zainstalować ESEta SS 4, co też uczyniłem. Jednak po jego instalacji nie mogłem łączyć się ze stronami (komputer pokazywał połączenie z internetem, ale strony nie wyświetlały się mimo prób połączenia). Sam program też nie chciał się zaktualizować. Dostępu do internetu nie miałem nawet wtedy, gdy wyłączyłem zaporę. Dopiero odinstalowanie programu umożliwiło surfowanie po internecie.
Ktoś na forum ESETa zasugerował, że to może być wina wirusa.
W dodatku Firefox zaczął w ciągu ostatnich dni "wykrzaczać się" z różnych powodów (z logów programu wynikało że raz to z przyczyny aplikacji, raz z innej).
Teraz działam bez żadnego antyvira.
Załączam logi z OTlista i GMERa i proszę o pomoc.

Otlist:

Kod: Zaznacz wszystko: OTListIt logfile created on: 2009-05-15 17:26:26 - Run 1 OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\otlist i gmer Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,48 Mb Total Physical Memory | 337,08 Mb Available Physical Memory | 43,92% Memory free 1,83 Gb Paging File | 1,48 Gb Available in Paging File | 80,83% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,40 Gb Total Space | 2,50 Gb Free Space | 10,25% Space Free | Partition Type: FAT32 Drive D: | 74,53 Gb Total Space | 9,34 Gb Free Space | 12,53% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 50,11 Gb Total Space | 1,56 Gb Free Space | 3,12% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HALINKA Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2005-06-10 17:19:38 | 00,869,888 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe PRC - [2008-09-10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2003-12-08 17:35:14 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe PRC - [2005-06-10 15:20:06 | 01,397,760 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe PRC - [2007-09-25 01:11:36 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe PRC - [2005-02-16 17:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2006-08-08 21:03:52 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe PRC - [2008-12-29 11:40:30 | 00,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [1997-10-06 00:00:00 | 00,051,984 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\OSA.EXE PRC - [2006-01-19 16:54:34 | 00,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.exe PRC - [2002-05-31 18:00:00 | 00,020,992 | ---- | M] (Antony Lewis) -- F:\WordWeb\wweb32.exe PRC - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2008-07-25 18:32:16 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2001-10-26 17:29:52 | 00,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe PRC - [2008-04-14 19:21:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2009-04-28 16:45:52 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009-05-15 17:24:56 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\otlist i gmer\OTListIt2.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - [2008-09-10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running]) SRV - [2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2004-07-20 14:15:20 | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService [Auto | Running]) SRV - [2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2005-11-17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- D:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped]) SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2005-06-10 17:19:38 | 00,869,888 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running]) SRV - File not found -- -- (NVSvc [Auto | Stopped]) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2008-07-25 18:32:16 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2006-12-14 16:00:00 | 00,544,768 | ---- | M] (Magix AG) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService [On_Demand | Stopped]) SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2008-04-13 20:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped]) DRV - [2008-10-14 11:55:12 | 00,110,304 | ---- | M] (Protect Software GmbH) -- C:\WINDOWS\system32\drivers\ACEDRV09.sys -- (ACEDRV09 [Auto | Running]) DRV - [2004-07-20 14:19:16 | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt [System | Running]) DRV - [2008-04-13 20:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped]) DRV - [2001-08-17 20:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running]) DRV - [2008-10-20 22:04:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT [System | Stopped]) DRV - [2004-12-14 16:55:22 | 00,009,472 | R--- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO [Auto | Running]) DRV - [2001-08-17 20:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Running]) DRV - [2001-08-17 20:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Running]) DRV - [2004-10-25 20:02:58 | 00,021,664 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped]) DRV - [2008-04-13 20:45:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running]) DRV - [2001-08-17 22:02:32 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\hidgame.sys -- (hidgame [On_Demand | Stopped]) DRV - [2005-06-10 17:12:12 | 00,099,584 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running]) DRV - [2005-06-10 17:11:50 | 00,029,696 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [System | Running]) DRV - [2005-06-10 15:11:44 | 00,028,160 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm [System | Running]) DRV - [2000-03-29 17:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT [Auto | Running]) DRV - [2008-04-13 20:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped]) DRV - [2006-10-22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2008-10-20 22:04:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5 [System | Stopped]) DRV - [2003-12-05 10:46:36 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running]) DRV - [2002-09-23 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2004-08-04 06:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running]) DRV - [2005-08-10 13:44:06 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 14:20:40 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2001-08-17 20:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman [On_Demand | Running]) DRV - [2005-11-03 16:40:08 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running]) DRV - [2005-12-22 14:45:18 | 00,402,432 | ---- | M] (ZyDAS Technology Corporation) -- C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys -- (SG762_XP [On_Demand | Running]) DRV - [2009-02-09 14:18:22 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2008-08-17 18:48:52 | 00,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\system32\SVKP.sys -- (SVKP [Auto | Running]) DRV - [2004-07-06 19:56:26 | 00,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\Drivers\Video3D.sys -- (Video3D [On_Demand | Running]) DRV - [2008-10-20 22:04:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\ZDCndis5.SYS -- (ZDCndis5 [System | Stopped]) DRV - [2006-01-18 14:09:40 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50 [On_Demand | Running]) DRV - [2008-10-20 22:04:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\ZDPNDIS5.SYS -- (ZDPNDIS5 [On_Demand | Stopped]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-1614895754-484061587-725345543-1004\S-1-5-21-1614895754-484061587-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://onet.pl/" FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.8.7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10 FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2006-02-12 15:11:18 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2006-02-12 15:11:18 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2009-01-09 19:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Extensions [2009-01-09 19:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2006-02-12 15:13:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions [2009-04-17 18:05:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\{0620B69D-7B58-416d-A92A-0198860C2757} [2009-05-06 18:49:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009-03-29 12:11:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb} [2006-03-26 14:15:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\blueshift@shift.themes [2009-05-06 18:49:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\firefox@tvunetworks.com [2008-12-21 21:00:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\minesweeper@clav.mozdev.org [2009-03-26 17:48:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\4hsbxv9g.default\extensions\toolbar@duckduckgo.com [2006-02-12 15:13:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2006-02-12 15:13:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008-01-14 12:31:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2009-04-28 16:45:52 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-04-28 16:45:52 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-01-09 19:49:48 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-01-09 19:49:50 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-01-09 19:49:50 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-01-09 19:49:50 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-01-09 19:49:50 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-01-09 19:49:50 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-01-09 19:49:50 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O3 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] nwiz.exe /install () O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.) O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" (Cyberlink Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-1614895754-484061587-725345543-1004..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start (ASUSTeK Inc.) O4 - HKU\S-1-5-21-1614895754-484061587-725345543-1004..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd) O4 - HKU\S-1-5-21-1614895754-484061587-725345543-1004..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Uruchamianie pakietu Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.exe ( ) O4 - Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\WordWeb.lnk = F:\WordWeb\wweb32.exe (Antony Lewis) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1614895754-484061587-725345543-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm () O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm () O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\..Trusted Domains: com.pl ([mks] http in Trusted sites) O15 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab (ULiveCtrl Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class) O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139765895750 (WUWebControl Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class) O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.euchannels.net/UKooPlayer.ocx (KooPlayer Control) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} http://www.mks.com.pl/skaner/SkanerOnline.cab (MainControl Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\textwareilluminatorbase {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - C:\WINDOWS\system32\textwareilluminatorbaseProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-02-12 14:59:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\Auto\command - "" = activexdebugger32.exe f O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\explore\Command - "" = activexdebugger32.exe f O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\open\Command - "" = activexdebugger32.exe f O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\AutoRun\command - "" = abk.bat O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\explore\Command - "" = abk.bat O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\open\Command - "" = abk.bat O33 - MountPoints2\{f4848f78-27fb-11dc-92b0-0060b30a1a0b}\Shell - "" = AutoRun O33 - MountPoints2\{f4848f78-27fb-11dc-92b0-0060b30a1a0b}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-05-15 17:25:01 | 00,000,000 | ---D | C] -- C:\otlist i gmer [2009-05-14 16:33:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\ese [2009-05-13 19:35:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\ESET [2009-05-13 19:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-04-24 15:50:18 | 00,000,769 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Kurs Tańca.lnk [2008-12-27 14:59:44 | 00,000,039 | ---- | C] () -- C:\WINDOWS\holt.ini [2008-12-21 13:19:53 | 00,000,196 | ---- | C] () -- C:\WINDOWS\GMonkey.ini [2008-12-20 20:52:41 | 00,000,147 | ---- | C] () -- C:\WINDOWS\hexmine.ini [2008-10-20 22:32:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\ZDPNDIS5.SYS [2008-10-20 22:32:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\ZDCndis5.SYS [2008-10-20 22:32:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\PCANDIS5.SYS [2008-10-20 22:32:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\EagleNT.sys [2008-10-05 17:29:00 | 00,000,292 | ---- | C] () -- C:\WINDOWS\cncscore.ini [2008-09-27 17:27:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI [2008-09-27 14:07:45 | 00,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI [2008-09-27 13:57:12 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2008-09-27 12:34:12 | 00,000,130 | ---- | C] () -- C:\WINDOWS\musicmaker.INI [2008-09-27 12:33:11 | 00,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll [2008-08-13 13:07:33 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008-08-10 14:23:39 | 00,000,090 | ---- | C] () -- C:\WINDOWS\wa.INI [2008-07-25 18:33:02 | 00,137,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-07-23 10:50:23 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-07-03 13:40:30 | 00,000,001 | ---- | C] () -- C:\WINDOWS\hlp-fastamr.dll [2008-07-02 13:07:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll [2008-07-02 12:52:48 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2008-06-11 17:15:43 | 00,000,322 | ---- | C] () -- C:\WINDOWS\entpack.ini [2007-11-10 19:34:08 | 00,000,034 | ---- | C] () -- C:\WINDOWS\Powerplayer.ini [2007-11-10 19:34:04 | 00,000,519 | ---- | C] () -- C:\WINDOWS\psnetwork.ini [2007-09-04 11:17:59 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL [2007-09-04 11:17:59 | 00,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini [2007-03-23 17:41:04 | 00,448,512 | ---- | C] () -- C:\WINDOWS\System32\avformat-50.dll [2007-03-23 17:41:04 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll [2007-03-23 17:41:03 | 03,345,408 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll [2007-03-21 18:47:43 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll [2006-11-03 17:50:53 | 00,000,137 | ---- | C] () -- C:\WINDOWS\TDW.INI [2006-11-03 17:50:53 | 00,000,091 | ---- | C] () -- C:\WINDOWS\TPW.INI [2006-11-03 17:50:53 | 00,000,041 | ---- | C] () -- C:\WINDOWS\WORKSHOP.INI [2006-10-22 12:22:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-22 12:22:00 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-10-08 14:18:30 | 00,000,113 | ---- | C] () -- C:\WINDOWS\EXCEL4.INI [2006-08-31 17:44:33 | 00,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006-05-28 17:06:12 | 00,000,006 | ---- | C] () -- C:\WINDOWS\quickie2.ini [2006-05-27 14:10:25 | 00,000,025 | ---- | C] () -- C:\WINDOWS\2pic.ini [2006-05-21 12:51:31 | 00,000,098 | ---- | C] () -- C:\WINDOWS\Mod_h3maped.INI [2006-05-20 11:51:11 | 00,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini [2006-05-06 15:07:45 | 00,000,076 | ---- | C] () -- C:\WINDOWS\vstudio.INI [2006-05-06 15:07:00 | 00,001,141 | ---- | C] () -- C:\WINDOWS\ulead32.ini [2006-05-06 15:07:00 | 00,000,200 | ---- | C] () -- C:\WINDOWS\vidwiz.ini [2006-05-06 15:07:00 | 00,000,132 | ---- | C] () -- C:\WINDOWS\dswplug.ini [2006-05-06 15:07:00 | 00,000,049 | ---- | C] () -- C:\WINDOWS\Msdevctl.ini [2006-04-19 16:19:25 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2006-04-15 12:28:16 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll.off [2006-04-15 12:28:16 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll.off [2006-04-09 16:54:34 | 00,000,914 | ---- | C] () -- C:\WINDOWS\ARPR.INI [2006-03-25 14:26:33 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2006-03-25 10:39:13 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006-03-22 21:24:29 | 00,000,063 | ---- | C] () -- C:\WINDOWS\TEXTware.ini [2006-03-22 21:24:24 | 00,321,024 | ---- | C] () -- C:\WINDOWS\System32\textwareilluminatorbaseProtocol.dll [2006-03-22 21:24:23 | 00,113,288 | ---- | C] () -- C:\WINDOWS\System32\bass.dll [2006-03-22 21:24:22 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\ILXTBS.DLL [2006-03-22 21:24:21 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\Twavbx32.dll [2006-03-22 21:24:20 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\TWAIED02.DLL [2006-03-05 11:57:37 | 00,000,093 | ---- | C] () -- C:\WINDOWS\dinksmallwood.ini [2006-02-20 15:22:29 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-02-16 20:40:40 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2006-02-16 12:08:48 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2006-02-16 12:08:48 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2006-02-16 12:08:47 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll [2006-02-15 18:10:10 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2006-02-12 17:31:20 | 00,000,731 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-02-12 15:39:13 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006-02-12 15:10:50 | 00,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2004-12-15 05:01:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2004-12-15 05:01:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2004-12-15 05:01:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2004-12-15 05:01:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2004-12-15 05:01:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-10-11 11:19:00 | 00,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [2004-09-28 06:38:30 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\wmatimer.dll [2004-06-09 22:38:01 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\JPeg32.dll [2002-10-04 07:01:42 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2002-09-23 12:00:00 | 00,001,359 | ---- | C] () -- C:\WINDOWS\win.ini [2002-09-23 12:00:00 | 00,000,455 | ---- | C] () -- C:\WINDOWS\system.ini [1999-11-11 02:39:00 | 00,481,792 | ---- | C] () -- C:\WINDOWS\System32\RFFTW2dll.dll [1997-10-06 00:00:00 | 00,093,456 | ---- | C] () -- C:\WINDOWS\System32\GAPI32.DLL [1997-10-06 00:00:00 | 00,031,232 | ---- | C] () -- C:\WINDOWS\System32\XLREC.DLL [1997-10-06 00:00:00 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\RECNCL.DLL [1997-10-06 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL [1997-10-06 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\VAPL232.DLL [1997-10-06 00:00:00 | 00,006,976 | ---- | C] () -- C:\WINDOWS\System32\CMC.DLL [1997-04-01 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1997-04-01 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL [color=orange]========== Files - Modified Within 30 Days ==========[/color] [2009-05-15 08:47:48 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-05-15 08:47:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-05-15 08:46:58 | 01,033,494 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-05-15 08:46:44 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\desktop.ini [2009-05-15 08:46:42 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-05-15 08:46:40 | 80,483,5328 | -HS- | M] () -- C:\hiberfil.sys [2009-05-14 07:57:38 | 00,000,372 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\spider.sav [2009-05-13 16:12:26 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-05-12 20:59:00 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-05-07 17:39:22 | 00,001,359 | ---- | M] () -- C:\WINDOWS\win.ini [2009-05-07 09:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-05-04 10:51:52 | 00,000,114 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Alveo Akuna.url [2009-04-28 16:12:02 | 00,017,014 | ---- | M] () -- C:\WINDOWS\User.acl [2009-04-25 14:31:18 | 00,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-04-24 15:50:20 | 00,000,769 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Kurs Tańca.lnk [2009-04-24 13:14:36 | 00,000,455 | ---- | M] () -- C:\WINDOWS\system.ini [2009-04-17 16:51:28 | 00,000,147 | ---- | M] () -- C:\WINDOWS\hexmine.ini < End of report >

Otlist (2):
http://wklej.org/id/91400/
GMER:
http://wklej.org/id/91402/

Jeśli trzeba, mogę dać log z HiJackThisa.

**Posty:** 18165 · przez **wojtas** 16 Maj 2009, 18:50

Uruchom OTListIt2 i w oknie Custom Scans/Fixes wklej :

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O3 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found
O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\Auto\command - "" = activexdebugger32.exe f
O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\explore\Command - "" = activexdebugger32.exe f
O33 - MountPoints2\{36dc96a6-8ab9-11dc-93af-0060b30a1a0b}\Shell\open\Command - "" = activexdebugger32.exe f
O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\AutoRun\command - "" = abk.bat
O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\explore\Command - "" = abk.bat
O33 - MountPoints2\{6094e14c-ad64-11dd-96f0-0060b30a1a0b}\Shell\open\Command - "" = abk.bat
O33 - MountPoints2\{f4848f78-27fb-11dc-92b0-0060b30a1a0b}\Shell - "" = AutoRun
O33 - MountPoints2\{f4848f78-27fb-11dc-92b0-0060b30a1a0b}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTListIt2 z opcją Run Scan. Pokazujesz nowy log OTListIt.txt (czyszczenie i skan )

oraz

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5. Wykonaj skan Dr. Web CureIt
6. Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym:

FixIEDef.

Jeśli masz Adobe Reader to zaaktualizuj go do najnowszej wersji

**Posty:** 300 · przez **sgsman** 16 Maj 2009, 19:37

Dzięki, już nie aktualne. Pomógł ten temat:
http://forum.eset.pl/viewtopic.php?f=15&t=371

Teraz pytanie do tego skryptu do OTlista - czy on usuwa jakieś wirusy, czy tylko naprawia mountpointy? Bo jeśli ma tylko przywrócić autoplaya dla dysków, to ja dziękuję, bo nie chcę łapać wirusów z autoruna

ale jeśli coś jeszcze, to proszę powiedzieć.

**Posty:** 18165 · przez **wojtas** 16 Maj 2009, 19:40

usuwa

jak zrobisz odpowiedni skrypt

**Posty:** 300 · przez **sgsman** 16 Maj 2009, 20:13

Chciałem się spytać, czy ten skrypt, co Ty wrzuciłeś wyżej to przewiduje usuwanie czegoś, bo ja tam widzę naprawianie mountpointów, czyszczenie tempa i to:

Kod: Zaznacz wszystko: PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) O3 - HKU\S-1-5-21-1614895754-484061587-725345543-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found

A że nie wiem, co to jest, to się pytam

bo jeśli w mych logach nie znalazłeś wirusów, to dziękuję i temat chyba do zamknięcia

**Posty:** 18165 · przez **wojtas** 17 Maj 2009, 14:25

skasowac je trzeba ponieważ zawieraja wpisy od wirusa z pendriva

... wyzej to

to zamkniecie explorera na czas usuwania i skasowanie pustego wpisu po toolbarze

Aktualizacja avira antivir - łączenie się z internetem

Aktualizacja avira antivir - łączenie się z internetem

Problemy z aktualizacyją antyvira, łączeniem się z internete

Problemy z aktualizacyją antyvira, łączeniem się z internete

Problemy z aktualizacyją antyvira, łączeniem się z internete

Problemy z aktualizacyją antyvira, łączeniem się z internete

Problemy z aktualizacyją antyvira, łączeniem się z internete

Kto jest na forum