Net mi strasznie muli

**Posty:** 24 · przez **baton** 09 Lis 2009, 20:32

pare dni temu założyłem sobie radiówkę 4mb od 2 dni tak mi muli że praktycznie nic nie mogę zrobić gadałem z administratorem sieci i mówi że wszystko działa jak powinno myśle że mam wirusy jakieś ale skanowałem i niczego mi nie wykrywało

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2009-11-09 19:22:46 - Run 1 OTL by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Rafał\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 57,03% Memory free 3,72 Gb Paging File | 2,97 Gb Available in Paging File | 79,66% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,97 Gb Free Space | 4,04% Space Free | Partition Type: NTFS Drive D: | 137,47 Gb Total Space | 85,24 Gb Free Space | 62,01% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ODBYT666 Current User Name: Rafał Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-11-09 19:16:32 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rafał\Pulpit\OTL.exe PRC - [2009-10-29 21:34:49 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-03 12:02:24 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-10-03 12:02:22 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009-08-31 17:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe PRC - [2009-08-31 15:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-08-30 11:58:04 | 00,189,744 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2009-08-18 14:27:15 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-07-18 00:48:28 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009-04-17 19:11:48 | 00,033,136 | ---- | M] () -- C:\WINDOWS\ASScrPro.exe PRC - [2009-03-26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-03-05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2009-02-16 00:10:22 | 00,981,384 | ---- | M] (Check Point Software Technologies LTD) -- D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008-10-16 18:22:20 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe PRC - [2008-01-31 13:01:38 | 00,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe PRC - [2007-11-09 19:51:40 | 00,540,672 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe PRC - [2007-11-05 20:34:58 | 00,741,376 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2007-10-23 18:35:58 | 00,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe PRC - [2007-10-23 18:35:40 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe PRC - [2007-10-17 18:04:00 | 07,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe PRC - [2007-07-12 09:25:28 | 00,225,280 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2007-07-10 16:33:58 | 00,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2007-07-05 15:53:44 | 01,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007-06-28 10:31:38 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2007-05-23 15:56:14 | 02,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2007-04-17 12:39:42 | 00,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe PRC - [2007-02-02 07:55:08 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2007-02-02 07:55:08 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2007-01-16 15:13:14 | 00,106,496 | ---- | M] (ASUS) -- C:\WINDOWS\system32\ASUSTPE.exe PRC - [2006-11-02 07:27:32 | 00,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2006-09-29 08:57:36 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2006-09-29 08:57:30 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2006-07-26 17:01:06 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 13:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2006-03-02 13:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2006-03-02 13:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2006-03-02 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-11 00:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-11-09 19:16:32 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rafał\Pulpit\OTL.exe MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 13:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll MOD - [2006-03-02 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-03 12:02:22 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-09-25 00:58:00 | 03,022,158 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-08-30 11:58:04 | 00,189,744 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB) SRV - [2009-08-18 14:27:15 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-07-18 00:48:25 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-04-24 12:51:50 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c4d31087d250) SRV - [2009-04-02 15:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009-03-26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009-02-16 00:10:22 | 02,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008-10-16 18:22:20 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService) SRV - [2007-10-23 18:35:40 | 00,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2007-08-03 11:24:54 | 00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007-06-28 10:31:38 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2007-06-01 09:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2007-04-13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2007-02-02 07:55:08 | 00,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2006-03-02 13:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2005-09-23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2005-09-23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2004-08-11 00:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-07-03 15:49:08 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009-04-17 19:25:48 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-03-19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009-02-16 00:10:26 | 00,353,672 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008-11-17 02:24:00 | 00,051,688 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan) DRV - [2007-10-26 01:20:36 | 00,549,184 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2007-08-24 04:46:48 | 00,005,760 | R--- | M] () -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2007-08-21 09:50:54 | 00,030,208 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002) DRV - [2007-08-03 05:26:22 | 00,020,936 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007-07-03 18:46:24 | 00,057,344 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD) DRV - [2007-02-02 08:03:24 | 01,975,296 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-01-24 11:08:40 | 00,005,632 | R--- | M] ( ) -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2006-11-22 10:35:00 | 00,982,272 | R--- | M] (Motorola Inc.) -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2006-11-03 02:32:30 | 04,394,496 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) DRV - [2006-06-09 23:07:28 | 00,027,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2006-05-25 18:28:44 | 00,684,265 | R--- | M] () -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2006-05-25 12:40:58 | 00,193,088 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-03-02 13:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2005-01-07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-10-15 11:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) DRV - [2004-08-03 22:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) DRV - [2003-08-12 17:51:00 | 00,060,255 | R--- | M] (STMicroelectronics ) -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 12:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 20:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://google.pl/" FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.1 FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-29 21:34:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-30 14:16:58 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-04-17 19:04:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Extensions [2009-04-17 19:04:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-11-09 18:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\extensions [2009-09-14 19:44:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-11-09 18:25:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009-08-26 20:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\extensions\searchrecs@veoh.com [2009-07-27 09:20:30 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\searchplugins\ask.xml [2009-04-17 19:28:02 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\8k97ddgo.default\searchplugins\daemon-search.xml [2009-07-30 12:09:43 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-10-29 21:34:48 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-10-29 21:34:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009-10-29 21:34:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2009-02-24 20:34:32 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll [2009-02-24 20:34:14 | 01,337,648 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll [2009-05-20 00:49:50 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2009-01-29 04:08:04 | 00,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll [2009-08-17 06:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll [2009-10-29 21:34:49 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2009-10-30 14:16:47 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2009-02-27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2008-09-10 20:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2009-04-28 18:16:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2008-09-10 20:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll [2009-02-24 20:34:32 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll [2009-07-22 15:56:35 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2008-04-03 18:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2008-04-16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2007-03-31 18:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2006-06-03 17:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2008-03-28 22:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2007-01-05 12:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (305181 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10509 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Rafał\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe () O4 - HKLM..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe (ASUS) O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe () O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe () O4 - HKLM..\Run: [ZoneAlarm Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [cdoosoft] C:\DOCUME~1\RAFA~1\USTAWI~1\Temp\herss.exe File not found O4 - HKCU..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [SpybotDeletingA851] C:\WINDOWS\System32\command.com () O4 - HKLM..\RunOnce: [SpybotDeletingC9231] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [SpybotDeletingB4911] C:\WINDOWS\System32\command.com () O4 - HKCU..\RunOnce: [SpybotDeletingD5506] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Rafał\Menu Start\Programy\Autostart\CCC.lnk = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-17 17:14:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-11-09 19:22:37 | 00,000,055 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-11-09 19:22:37 | 00,000,055 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{0f681872-6fe0-11de-8876-0015af81f2cc}\Shell\AutoRun\command - "" = J:\a2g21.exe -- File not found O33 - MountPoints2\{0f681872-6fe0-11de-8876-0015af81f2cc}\Shell\open\Command - "" = J:\a2g21.exe -- File not found O33 - MountPoints2\{a56813f8-c793-11de-8947-0015af81f2cc}\Shell\AutoRun\command - "" = H:\gcq6.exe -- File not found O33 - MountPoints2\{a56813f8-c793-11de-8947-0015af81f2cc}\Shell\open\Command - "" = H:\gcq6.exe -- File not found O33 - MountPoints2\{a56813f9-c793-11de-8947-0015af81f2cc}\Shell\AutoRun\command - "" = I:\gcq6.exe -- File not found O33 - MountPoints2\{a56813f9-c793-11de-8947-0015af81f2cc}\Shell\open\Command - "" = I:\gcq6.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-11-09 19:16:19 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rafał\Pulpit\OTL.exe [2009-11-09 18:25:43 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis [2009-11-09 18:25:16 | 00,058,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll [2009-11-09 18:25:15 | 00,103,816 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll [2009-11-09 18:25:15 | 00,069,000 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll [2009-11-09 18:25:10 | 00,035,208 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll [2009-11-09 18:25:09 | 01,221,512 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll [2009-11-09 18:25:09 | 00,309,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll [2009-11-09 18:25:09 | 00,109,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll [2009-11-09 18:25:09 | 00,107,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll [2009-11-09 18:25:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs [2009-11-09 18:25:08 | 00,353,672 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys [2009-11-09 18:23:59 | 00,482,184 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll [2009-11-09 18:23:59 | 00,229,256 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll [2009-11-09 18:23:59 | 00,110,472 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll [2009-11-08 23:46:43 | 05,930,248 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Rafał\Pulpit\Ad-AwareInstallation.exe.part [2009-10-30 18:49:06 | 00,000,000 | ---D | C] -- C:\Program Files\DevalVR [2009-10-30 17:19:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\Nowy folder (2) [2009-10-30 14:17:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\PMB Files [2009-10-30 14:17:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2009-10-30 14:16:23 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2009-10-29 20:58:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Moje dokumenty\Mount&Blade Savegames [2009-10-29 20:24:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Dane aplikacji\Mount&Blade [2009-10-29 20:23:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs [2009-10-27 21:23:17 | 48,909,288 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Rafał\Pulpit\msprod2.exe [2009-10-26 17:15:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\ge-good-ending-8 [2009-10-26 09:01:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\[2001]Akurat - Pomarancza [2009-10-22 18:07:27 | 00,064,000 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_sfighters_launching.dll [2009-10-22 18:07:27 | 00,061,440 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_atlantica_launching.dll [2009-10-22 18:07:27 | 00,053,248 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_luminary_launching.dll [2009-10-22 18:07:26 | 00,087,472 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\ijjiChannelingPlugin.dll [2009-10-22 18:07:26 | 00,058,800 | ---- | C] (NHN USA Inc.) -- C:\WINDOWS\System32\ijjiProcessRestarter.exe [2009-10-21 18:08:30 | 03,393,208 | ---- | C] (Macrovision Corporation) -- C:\Documents and Settings\Rafał\Pulpit\ijjiAutoInstaller.exe [2009-10-20 06:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\No23 Recorder [2009-10-19 23:03:57 | 02,195,429 | ---- | C] (No23) -- C:\Documents and Settings\Rafał\Pulpit\No23Recorder.exe [2009-10-19 22:33:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-10-19 22:33:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Dane aplikacji\OpenFM [2009-10-19 22:22:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\SCIAGA [2009-10-17 11:24:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\Nowy folder [2009-10-13 12:54:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\matma [2009-10-11 19:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\2005 - System Of A Down - Hypnotize [2009-10-11 17:40:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rafał\Pulpit\SOAD TOXICITY [2009-04-20 21:18:51 | 01,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\Documents and Settings\All Users\Dane aplikacji\DynuEncrypt.dll [2009-04-17 18:54:02 | 00,005,632 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-11-09 19:23:03 | 00,000,055 | RHS- | M] () -- C:\autorun.inf [2009-11-09 19:17:37 | 00,523,776 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\dds.scr [2009-11-09 19:16:32 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rafał\Pulpit\OTL.exe [2009-11-09 19:16:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-11-09 19:07:09 | 00,000,223 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009-11-09 18:56:39 | 00,984,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-11-09 18:56:39 | 00,448,586 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-11-09 18:56:39 | 00,392,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-11-09 18:56:39 | 00,074,648 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-11-09 18:56:39 | 00,058,930 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-11-09 18:52:26 | 00,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2009-11-09 18:52:15 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-11-09 18:52:13 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-09 18:52:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-09 18:51:08 | 06,815,744 | ---- | M] () -- C:\Documents and Settings\Rafał\ntuser.dat [2009-11-09 18:51:08 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Rafał\ntuser.ini [2009-11-09 18:25:22 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2009-11-09 18:23:46 | 33,952,648 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\zaSetup_80_298_000_en.exe [2009-11-09 18:09:17 | 32,967,993 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\zlsSetup_70_337_000_en.exe [2009-11-09 17:36:57 | 18,417,304 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\ZoneAlarm_Free_7.1.exe [2009-11-09 17:14:51 | 12,174,706 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\zaZA_Setup_en.exe [2009-11-09 16:41:50 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-08 23:50:43 | 05,930,248 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Rafał\Pulpit\Ad-AwareInstallation.exe.part [2009-11-08 23:46:46 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\Ad-AwareInstallation.exe [2009-11-08 10:12:08 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-11-07 20:21:53 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-05 18:09:10 | 00,000,400 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\Połączenie lokalne.lnk [2009-11-05 17:41:28 | 01,578,298 | -H-- | M] () -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-02 13:02:01 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-11-01 09:33:35 | 00,115,086 | RHS- | M] () -- C:\gcq6.exe [2009-10-30 17:34:25 | 00,143,041 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\PA300085.JPG [2009-10-30 17:25:55 | 00,000,624 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\Atlantica Online.lnk [2009-10-30 14:15:54 | 01,844,920 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\AtlanticaDownloaderV20908.exe [2009-10-30 00:33:58 | 01,837,031 | ---- | M] () -- C:\Documents and Settings\Rafał\Moje dokumenty\Manga_Girls_by_oNichaN_xD.jpg [2009-10-29 20:55:54 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\Mount&Blade.lnk [2009-10-27 22:23:04 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\MS_Office_PowerPoint_2007_PL_Portable.part1(2).rar [2009-10-27 21:27:17 | 48,909,288 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Rafał\Pulpit\msprod2.exe [2009-10-26 17:14:05 | 06,754,404 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\ge.good.ending-8.zip [2009-10-26 09:02:01 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\iTunes.lnk [2009-10-22 18:07:28 | 00,000,752 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ijji REACTOR.lnk [2009-10-22 18:07:28 | 00,000,142 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ijji.url [2009-10-22 09:33:12 | 00,000,099 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\i j j i.url [2009-10-21 18:33:19 | 00,000,493 | -H-- | M] () -- C:\Documents and Settings\Rafał\Pulpit\Siegfried.lektor.DVDRip.XviD-CiNE0S.rmvb.ini [2009-10-21 18:08:44 | 03,393,208 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\Rafał\Pulpit\ijjiAutoInstaller.exe [2009-10-20 06:03:03 | 00,000,772 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\No23 Recorder.lnk [2009-10-19 23:04:06 | 02,195,429 | ---- | M] (No23) -- C:\Documents and Settings\Rafał\Pulpit\No23Recorder.exe [2009-10-19 21:19:55 | 00,045,056 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\bajki_krasickiego.doc [2009-10-14 11:07:16 | 00,000,411 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI [2009-10-11 17:30:55 | 63,019,517 | ---- | M] () -- C:\Documents and Settings\Rafał\Pulpit\SOAD_TOXICITY.rar [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-09 19:17:28 | 00,523,776 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\dds.scr [2009-11-09 18:25:22 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2009-11-09 18:25:08 | 00,350,192 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml [2009-11-09 18:16:32 | 33,952,648 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\zaSetup_80_298_000_en.exe [2009-11-09 17:51:41 | 32,967,993 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\zlsSetup_70_337_000_en.exe [2009-11-09 17:30:06 | 18,417,304 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\ZoneAlarm_Free_7.1.exe [2009-11-09 16:45:02 | 12,174,706 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\zaZA_Setup_en.exe [2009-11-08 23:46:46 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\Ad-AwareInstallation.exe [2009-11-05 18:09:10 | 00,000,400 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\Połączenie lokalne.lnk [2009-11-05 17:39:28 | 00,000,223 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-11-02 11:00:35 | 00,115,086 | RHS- | C] () -- C:\gcq6.exe [2009-11-02 11:00:35 | 00,000,055 | RHS- | C] () -- C:\autorun.inf [2009-10-30 17:25:54 | 00,000,624 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\Atlantica Online.lnk [2009-10-30 17:19:32 | 00,143,041 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\PA300085.JPG [2009-10-30 14:15:40 | 01,844,920 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\AtlanticaDownloaderV20908.exe [2009-10-30 00:33:31 | 01,837,031 | ---- | C] () -- C:\Documents and Settings\Rafał\Moje dokumenty\Manga_Girls_by_oNichaN_xD.jpg [2009-10-29 20:23:49 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\Mount&Blade.lnk [2009-10-27 21:36:10 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\MS_Office_PowerPoint_2007_PL_Portable.part1(2).rar [2009-10-26 17:13:24 | 06,754,404 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\ge.good.ending-8.zip [2009-10-22 18:07:28 | 00,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ijji REACTOR.lnk [2009-10-22 18:07:28 | 00,000,142 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ijji.url [2009-10-22 09:33:12 | 00,000,099 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\i j j i.url [2009-10-21 21:46:29 | 11,820,89176 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\U_LUNIA_setup.exe [2009-10-21 21:46:29 | 00,000,112 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\GamersHell.url [2009-10-20 06:03:03 | 00,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\No23 Recorder.lnk [2009-10-19 21:19:54 | 00,045,056 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\bajki_krasickiego.doc [2009-10-18 12:32:32 | 00,159,568 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\IMG_1451.JPG [2009-10-18 12:32:32 | 00,129,556 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\IMG_1450.JPG [2009-10-16 23:11:45 | 00,000,493 | -H-- | C] () -- C:\Documents and Settings\Rafał\Pulpit\Siegfried.lektor.DVDRip.XviD-CiNE0S.rmvb.ini [2009-10-16 21:49:57 | 00,000,113 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\DW--------------www.darkwarez.pl-------demsi13.url [2009-10-11 16:54:13 | 63,019,517 | ---- | C] () -- C:\Documents and Settings\Rafał\Pulpit\SOAD_TOXICITY.rar [2009-09-16 20:56:42 | 00,000,411 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2009-09-16 20:54:21 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI [2009-08-30 15:14:56 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini [2009-08-13 20:54:56 | 00,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009-06-29 09:46:58 | 00,000,024 | ---- | C] () -- C:\WINDOWS\ATKPF.ini [2009-06-26 17:26:13 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-19 15:26:51 | 00,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-06-15 11:42:33 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-04-17 19:27:53 | 00,013,640 | ---- | C] () -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-04-17 19:25:48 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-04-17 19:11:45 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll [2009-04-17 19:03:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-04-17 18:52:51 | 00,005,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2009-04-17 18:44:50 | 00,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2009-04-17 18:44:50 | 00,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2009-04-17 18:44:49 | 00,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2009-04-17 18:44:14 | 00,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2009-04-17 18:21:22 | 01,578,298 | -H-- | C] () -- C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-04-17 17:19:38 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Rafał\Dane aplikacji\desktop.ini [2007-03-02 11:44:44 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll [2006-03-02 13:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2006-03-02 13:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2006-03-02 13:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2006-03-02 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini < End of report >

DSS

Kod: Zaznacz wszystko: DDS (Ver_09-10-26.01) - NTFSx86 Run by Rafa at 19:23:06,18 on 2009-11-09 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.1919.1075 [GMT 1:00] FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\ATK Hotkey\Hcontrol.exe C:\Program Files\ATKOSD2\ATKOSD2.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\Atheros\ACU.exe C:\Program Files\ASUS\ATK Media\DMEDIA.EXE C:\WINDOWS\system32\ASUSTPE.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\WINDOWS\ASScrPro.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Nowe Gadu-Gadu\gg.exe C:\Program Files\ATK Hotkey\ATKOSD.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe C:\Program Files\ATK Hotkey\KBFiltr.exe C:\Program Files\ATK Hotkey\WDC.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Documents and Settings\Rafał\Pulpit\OTL.exe C:\Documents and Settings\Rafał\Pulpit\dds.scr ============== Pseudo HJT Report =============== uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uStart Page = hxxp://www.neostrada.pl mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s mSearchAssistant = hxxp://www.google.com/ie BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll BHO: IEPluginBHO Class: {f5cc7f02-6f4e-4462-b5b1-394a57fd3e0d} - c:\documents and settings\rafał\dane aplikacji\nowe gadu-gadu\_userdata\ggbho.1.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: ZoneAlarm Spy Blocker Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Nowe Gadu-Gadu] "c:\program files\nowe gadu-gadu\gg.exe" uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe uRun: [cdoosoft] c:\docume~1\rafa~1\ustawi~1\temp\herss.exe uRunOnce: [SpybotDeletingB4911] command /c del "c:\documents and settings\rafał\ustawienia lokalne\temp\cvasds1.dll_old" uRunOnce: [SpybotDeletingD5506] cmd /c del "c:\documents and settings\rafał\ustawienia lokalne\temp\cvasds1.dll_old" mRun: [ATKHOTKEY] "c:\program files\atk hotkey\Hcontrol.exe" mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe" mRun: [Alcmtr] ALCMTR.EXE mRun: [Wireless Console 2] "c:\program files\wireless console 2\wcourier.exe" mRun: [ACU] "c:\program files\atheros\ACU.exe" -nogui mRun: [ATKMEDIA] c:\program files\asus\atk media\DMEDIA.EXE mRun: [ASUSTPE] c:\windows\system32\ASUSTPE.exe mRun: [Power_Gear] c:\program files\asus\power4 gear\BatteryLife.exe 1 mRun: [ASUS Camera ScreenSaver] c:\windows\ASScrProlog.exe mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [ZoneAlarm Client] "d:\program files\zone labs\zonealarm\zlclient.exe" mRunOnce: [SpybotDeletingA851] command /c del "c:\documents and settings\rafał\ustawienia lokalne\temp\cvasds1.dll_old" mRunOnce: [SpybotDeletingC9231] cmd /c del "c:\documents and settings\rafał\ustawienia lokalne\temp\cvasds1.dll_old" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\rafa~1\menust~1\programy\autost~1\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: {0EC874F5-C965-481C-B9FA-76AC4DAE093D} = 82.160.13.20,213.199.225.14 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" mASetup: ccc-core-static - msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\rafa~1\daneap~1\mozilla\firefox\profiles\8k97ddgo.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://google.pl/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= FF - plugin: c:\documents and settings\rafaĺ‚\dane aplikacji\nowe gadu-gadu\_userdata\npgg.1.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPJava11.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPJava12.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPJava13.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPJava32.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPJPI140_03.dll FF - plugin: c:\program files\java\j2re1.4.0_03\bin\NPOJI610.dll FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: c:\program files\mozilla firefox\plugins\npijjiCHPlugin.dll FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-8-29 64160] R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-11-9 464264] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1028432] R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [2009-4-17 30208] R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [2009-4-17 57344] S2 gupdate1c9c4d31087d250;Usługa Google Update (gupdate1c9c4d31087d250);c:\program files\google\update\GoogleUpdate.exe [2009-4-24 133104] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2009-4-17 60255] S3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [2009-4-17 684265] =============== Created Last 30 ================ 2009-11-09 17:25:43 0 d-----w- c:\program files\AskBarDis 2009-11-09 17:25:22 4212 ---ha-w- c:\windows\system32\zllictbl.dat 2009-11-09 17:25:09 1221512 ----a-w- c:\windows\system32\zpeng25.dll 2009-11-09 17:25:09 0 d-----w- c:\windows\system32\ZoneLabs 2009-11-09 17:25:08 350192 ----a-w- c:\windows\system32\vsconfig.xml 2009-11-05 16:39:28 223 ----a-w- c:\windows\wininit.ini 2009-11-02 10:00:35 55 --sh--r- C:\autorun.inf 2009-11-02 10:00:35 115086 --sh--r- C:\gcq6.exe 2009-10-30 17:49:06 0 d-----w- c:\program files\DevalVR 2009-10-30 13:17:04 0 d-----w- c:\docume~1\alluse~1\daneap~1\PMB Files 2009-10-30 13:16:23 0 d-----w- c:\program files\Pando Networks 2009-10-29 19:24:05 0 d-----w- c:\docume~1\rafa~1\daneap~1\Mount&Blade 2009-10-29 19:23:55 0 d-----w- c:\windows\Logs 2009-10-22 17:07:27 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll 2009-10-22 17:07:27 61440 ----a-w- c:\windows\system32\uc_atlantica_launching.dll 2009-10-22 17:07:27 53248 ----a-w- c:\windows\system32\uc_luminary_launching.dll 2009-10-22 17:07:26 87472 ----a-w- c:\windows\system32\ijjiChannelingPlugin.dll 2009-10-22 17:07:26 58800 ----a-w- c:\windows\system32\ijjiProcessRestarter.exe 2009-10-20 05:02:58 0 d-----w- c:\program files\No23 Recorder 2009-10-19 21:33:51 0 d-----w- c:\docume~1\alluse~1\daneap~1\OpenFM 2009-10-19 21:33:50 0 d-----w- c:\docume~1\rafa~1\daneap~1\OpenFM ==================== Find3M ==================== 2009-11-09 17:56:39 74648 ----a-w- c:\windows\system32\perfc015.dat 2009-11-09 17:56:39 448586 ----a-w- c:\windows\system32\perfh015.dat 2009-11-09 17:51:08 6815744 ----a-w- c:\documents and settings\rafał\ntuser.dat 2009-10-03 11:02:52 15688 ----a-w- c:\windows\system32\lsdelete.exe 2009-08-30 10:58:04 189744 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-08-25 15:04:30 75264 ----a-w- c:\windows\system32\uc_holybeast_launching.dll 2009-08-18 13:27:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-13 19:54:56 41872 ----a-w- c:\windows\system32\xfcodec.dll ============= FINISH: 19:23:32,23 ===============

Dziękuje z góry za poświęcony czas

**Posty:** 18165 · przez **wojtas** 09 Lis 2009, 21:21

odinstaluj AskBarDis

wejdź na dysk na którym masz windows zainstalowany, tam w katalog WINDOWS -> system 32 -> drivers -> etc
i tam za pomocą notatnika otwórz plik hosts

Jeśli są jakieś wpisy pod

# 102.54.94.97 rhino.acme.com # serwer źródłowy
# 38.25.63.10 x.acme.com # komputer kliencki x
127.0.0.1 localhost

to usun tylko zostaw te pokazane przeze mnie wyzej zapisz edytowany plik

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKCU..\Run: [cdoosoft] C:\DOCUME~1\RAFA~1\USTAWI~1\Temp\herss.exe File not found
O32 - AutoRun File - [2009-11-09 19:22:37 | 00,000,055 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-11-09 19:22:37 | 00,000,055 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0f681872-6fe0-11de-8876-0015af81f2cc}\Shell\AutoRun\command - "" = J:\a2g21.exe -- File not found
O33 - MountPoints2\{0f681872-6fe0-11de-8876-0015af81f2cc}\Shell\open\Command - "" = J:\a2g21.exe -- File not found
O33 - MountPoints2\{a56813f8-c793-11de-8947-0015af81f2cc}\Shell\AutoRun\command - "" = H:\gcq6.exe -- File not found
O33 - MountPoints2\{a56813f8-c793-11de-8947-0015af81f2cc}\Shell\open\Command - "" = H:\gcq6.exe -- File not found
O33 - MountPoints2\{a56813f9-c793-11de-8947-0015af81f2cc}\Shell\AutoRun\command - "" = I:\gcq6.exe -- File not found
O33 - MountPoints2\{a56813f9-c793-11de-8947-0015af81f2cc}\Shell\open\Command - "" = I:\gcq6.exe -- File not found

:Files
C:\gcq6.exe
D:\gcq6.exe

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db1b3e60-05ac-11de-a5d3-00001cd72a97}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia kompa