Problem z otwieraniem stron internetowych.

[Ryuuk]

Witam. Moim problemem są bardzo wolno a najczęściej wcale nie otwierające się strony internetowe. Ping mam niby niski, gry mmo smigają, tlen dziala, ściąganie flashgetem też bezproblemowe, natomiast same strony bardzo ciężko się otwierają, muszę wiele razy odświeżać, bo najczęsciej wywala komunikat, że strona długo nie odpowiada i połączenie zostało zresetowane. Czasami są przebłyski i przez krótką chwilę wszystko śmiga jak należy. Nie wiem czy to wina mojego dostawcy netu, czy u mnie coś siedzi dlatego też proszę o sprawdzenie logów. Dodam tylko, że wczoraj zainstalowałem zonealarma, zupdatowalem avasta do professional, co wymagało też kilku ponownych uruchomień, a dzisiaj rano komputer wieszał się chwilę po włączeniu i musiałem zrobić przywracanie systemu.

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:58, on 2010-02-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\V0420Mon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PLANET WL-8314\WLANMON.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mat\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WL-8314 Configuration Utility.lnk = ?
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 5887 bytes

Kod: Zaznacz wszystko

OTL logfile created on: 2010-02-10 13:07:48 - Run 1
OTL by OldTimer - Version 3.1.28.0     Folder = C:\Documents and Settings\Mat\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 81,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 3,00 Gb Free Space | 30,72% Space Free | Partition Type: NTFS
Drive D: | 185,55 Gb Total Space | 151,72 Gb Free Space | 81,77% Space Free | Partition Type: NTFS
Drive E: | 185,55 Gb Total Space | 161,80 Gb Free Space | 87,20% Space Free | Partition Type: NTFS
Drive F: | 84,88 Gb Total Space | 29,76 Gb Free Space | 35,06% Space Free | Partition Type: NTFS
Drive G: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BOND
Current User Name: Mat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
PRC - [2010-01-07 20:17:18 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-06-07 13:28:34 | 001,648,640 | ---- | M] () -- E:\Program Files\foobar2000\foobar2000.exe
PRC - [2009-05-16 04:15:52 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2009-01-17 15:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe
PRC - [2009-01-13 07:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-04-30 01:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-11-16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-11-16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2005-03-08 16:46:06 | 000,299,008 | ---- | M] (PLANET Technology Corp.) -- C:\Program Files\PLANET WL-8314\WLANMON.exe
PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-10-31 19:42:40 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
MOD - [2009-11-25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008-06-19 13:20:08 | 000,017,408 | ---- | M] () -- C:\Program Files\Tlen.pl\hook.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-05-16 04:15:52 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-05-15 21:05:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2006-11-10 19:18:02 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Program Files\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-10 12:42:55 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-11-22 01:39:55 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-11-22 01:39:55 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-11-16 23:55:09 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009-11-16 23:38:01 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-05-16 04:58:44 | 004,069,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-04-01 12:28:32 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-01-20 11:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-25 10:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008-10-30 14:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-05-31 09:32:34 | 000,099,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-09-01 20:10:32 | 000,253,696 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MRV8335XP.sys -- (W8335XP)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 21:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2001-08-17 22:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "allegro.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 20:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 20:17:20 | 000,000,000 | ---D | M]

[2009-11-09 18:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Extensions
[2009-11-09 18:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Extensions\mozswing@mozswing.org
[2010-02-10 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions
[2010-02-10 12:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-02-10 12:15:39 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)
[2009-11-09 18:24:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-02-10 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\staged-xpis
[2009-11-29 13:23:13 | 000,002,458 | ---- | M] () -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\searchplugins\wikicytaty-pl.xml
[2010-02-10 12:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-15 20:00:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-15 20:00:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-15 20:00:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-15 20:00:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-15 20:00:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 20:00:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WL-8314 Configuration Utility.lnk = C:\Program Files\PLANET WL-8314\WLANMON.exe (PLANET Technology Corp.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1 194.204.152.34
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-09 17:42:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\Shell\AutoRun\command - "" = ph.exe
O33 - MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\Shell\open\Command - "" = ph.exe
O33 - MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\Shell\AutoRun\command - "" = J:\ph.exe -- File not found
O33 - MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\Shell\open\Command - "" = J:\ph.exe -- File not found
O33 - MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\Shell\AutoRun\command - "" = H:\ph.exe -- File not found
O33 - MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\Shell\open\Command - "" = H:\ph.exe -- File not found
O33 - MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\Shell\AutoRun\command - "" = I:\ph.exe -- File not found
O33 - MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\Shell\open\Command - "" = I:\ph.exe -- File not found
O33 - MountPoints2\{825f7551-ee3b-11de-891f-00304f4aaea2}\Shell - "" = AutoRun
O33 - MountPoints2\{825f7551-ee3b-11de-891f-00304f4aaea2}\Shell\AutoRun\command - "" = I:\MafiaLauncher.EXE -- File not found
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell - "" = AutoRun
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell\install\command - "" = H:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-10 12:57:06 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Mat\Pulpit\HijackThis.exe
[2010-02-10 12:56:48 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
[2010-02-10 11:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-02-09 18:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2010-02-09 14:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010-02-08 16:20:49 | 000,000,000 | ---D | C] -- e:\Moje dokumenty\C++
[2010-02-04 16:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Xenocode
[2010-02-04 16:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\gctmp
[2010-02-04 16:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Pulpit\CRACK
[2010-02-02 20:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2010-01-12 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-01-11 23:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Dane aplikacji\uTorrent
[2010-01-11 20:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Dane aplikacji\DivX
[2010-01-11 20:51:51 | 000,000,000 | R--D | C] -- e:\Moje dokumenty\Moje wideo
[2010-01-11 20:32:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Dane aplikacji\BESTplayer
[2010-01-11 20:31:51 | 001,247,744 | ---- | C] (Karol Winnicki) -- C:\Documents and Settings\Mat\Pulpit\BESTplayer2130_[www.programosy.pl].exe
[2009-11-28 09:56:25 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-11-28 09:56:25 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2009-11-09 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-09 17:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-09 17:42:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-11-09 17:42:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-10 12:57:21 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Mat\Pulpit\HijackThis.exe
[2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
[2010-02-10 12:47:52 | 000,178,544 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-02-10 12:47:16 | 000,984,842 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-10 12:47:16 | 000,448,334 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-02-10 12:47:16 | 000,392,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-02-10 12:47:16 | 000,074,434 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-02-10 12:47:16 | 000,058,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-02-10 12:42:55 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010-02-10 12:42:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-10 12:42:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-10 12:42:15 | 003,747,840 | ---- | M] () -- C:\Documents and Settings\Mat\ntuser.dat
[2010-02-10 12:42:09 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mat\ntuser.ini
[2010-02-10 12:42:04 | 004,313,848 | -H-- | M] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-10 12:41:29 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-02-10 12:18:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-10 12:02:44 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-10 12:02:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-02-10 12:01:59 | 000,046,985 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-02-10 11:43:49 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-02-08 16:21:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-05 15:33:30 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\Mat\Pulpit\bez tytułu.bmp
[2010-02-05 14:43:09 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-01-12 20:50:27 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-11 20:32:48 | 001,247,744 | ---- | M] (Karol Winnicki) -- C:\Documents and Settings\Mat\Pulpit\BESTplayer2130_[www.programosy.pl].exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-09 14:01:35 | 000,046,985 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-02-09 07:29:38 | 003,747,840 | ---- | C] () -- C:\Documents and Settings\Mat\ntuser.dat
[2010-02-05 15:33:30 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\bez tytułu.bmp
[2010-02-05 14:43:09 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-02-04 16:00:00 | 005,916,303 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\GameCam_V22_2_Setup.exe
[2009-11-29 15:46:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-22 01:39:55 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-11-22 01:39:55 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-11-20 14:19:10 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-16 23:38:01 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-10 19:34:33 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2009-11-10 17:54:16 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 21:59:44 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
< End of report >


[NieWiem]

W logu nic, co mogłoby mieć wpływ na problemy z netem.

1. Wrzuć plik

C:\WINDOWS\system32\DRIVERS\atapi.sys

do przeskanowania na www.virscan.org i zaprezentuj wyniki.

2. Do OTL na dole wklej:

:OTL
O33 - MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\Shell\AutoRun\command - "" = ph.exe
O33 - MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\Shell\open\Command - "" = ph.exe
O33 - MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\Shell\AutoRun\command - "" = J:\ph.exe -- File not found
O33 - MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\Shell\open\Command - "" = J:\ph.exe -- File not found
O33 - MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\Shell\AutoRun\command - "" = H:\ph.exe -- File not found
O33 - MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\Shell\open\Command - "" = H:\ph.exe -- File not found
O33 - MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\Shell\AutoRun\command - "" = I:\ph.exe -- File not found
O33 - MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\Shell\open\Command - "" = I:\ph.exe -- File not found
:Commands
[purity]
[emptytemp]

Wciśnij Run Fix i pokaż raport z czyszczenia oraz nowy log z OTL.

Autor postu otrzymał pochwałę

[Ryuuk]

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5774854e-d2c1-11de-88eb-00304f4aaea2}\ not found.
File ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5774854e-d2c1-11de-88eb-00304f4aaea2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5774854e-d2c1-11de-88eb-00304f4aaea2}\ not found.
File ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5774854f-d2c1-11de-88eb-00304f4aaea2}\ not found.
File J:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5774854f-d2c1-11de-88eb-00304f4aaea2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5774854f-d2c1-11de-88eb-00304f4aaea2}\ not found.
File J:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{673efebc-0c52-11df-894c-00304f4aaea2}\ not found.
File H:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{673efebc-0c52-11df-894c-00304f4aaea2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{673efebc-0c52-11df-894c-00304f4aaea2}\ not found.
File H:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{673efebd-0c52-11df-894c-00304f4aaea2}\ not found.
File I:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{673efebd-0c52-11df-894c-00304f4aaea2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{673efebd-0c52-11df-894c-00304f4aaea2}\ not found.
File I:\ph.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Mat
->Temp folder emptied: 15421825 bytes
->Temporary Internet Files folder emptied: 6690181 bytes
->Java cache emptied: 39267449 bytes
->FireFox cache emptied: 79360930 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 545280 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 137,00 mb


OTL by OldTimer - Version 3.1.28.0 log created on 02102010_183734

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_7a8.dat moved successfully.

Registry entries deleted on Reboot...


Log po fixie


A co do przeskanowania pliku to jest pewien problem. Odnajduję plik, klikam otwórz, niby zaczyna skanować i.... wyskakuje error, i jest napisane, że pliku nie można odnaleźć ;f

A co do samego problemu, to zauważyłem, że teraz jest już OK. Może to były jednak problemy z netem niezależne ode mnie lecz od admina. Ale sąsiad z góry twierdził, że problemów nie ma ;P

Dzięki wielkie za pomoc.

[NieWiem]

Jak uważasz... Ten Twój atapi jest dla mnie dość podejrzany i obstawiam, że może w nim siedzieć modna ostatnio infekcja.

Ale to Twój komputer, a nie mój

[Ryuuk]

No dobrze, ale mówię Ci, że nie mogę tego przeskanować na tej stronie. Odnajduję ten plik, wrzucam do skanowania nawet coś tam zaczyna skanować i wyskakuje to:



Może mógłbyś podać jakąś alternatywę dla tego skanera?


Hm, spróbowałem przeskanować avastem i oto wynik:


;/

[NieWiem]

• Uruchom ponownie OTL.
• Gdy pojawi sie okno, skonfiguruj go następująco:
  • Zaznacz opcje LOP Check i Purity Check
  • Zaznacz opcje Scan All Users.
  • Upewnij się, że w okienku Extra Registry jest zaznaczone Use Safelist.
• W okienku na dole wklej następujący tekst:
  

  /md5 start
  atapi.sys
  /md5 stop

• Kliknij Run Scan i poczekaj cierpliwie aż program wykona swoje.
• Kiedy skanowanie sie skończy, pojawią sie 2 okna notatnika, zatytułowane OTL.txt i Extras.txt. Będą one zapisane w tym samym miejscu, co aplikacja OTL.
• Skopiuj (Edycja => Zaznacz wszystko, Edycja => Kopiuj) zawartość tych plików i wklej na http://www.wklej.org lub w poście w tagach [code].

[Ryuuk]

Ok, zrobiłem jak prosiłeś

OTL

Kod: Zaznacz wszystko

OTL logfile created on: 2010-02-11 14:40:46 - Run 2
OTL by OldTimer - Version 3.1.28.0     Folder = C:\Documents and Settings\Mat\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 3,28 Gb Free Space | 33,57% Space Free | Partition Type: NTFS
Drive D: | 185,55 Gb Total Space | 151,72 Gb Free Space | 81,77% Space Free | Partition Type: NTFS
Drive E: | 185,55 Gb Total Space | 163,85 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Drive F: | 84,88 Gb Total Space | 29,76 Gb Free Space | 35,06% Space Free | Partition Type: NTFS
Drive G: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BOND
Current User Name: Mat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
PRC - [2010-01-07 20:17:18 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-06-07 13:28:34 | 001,648,640 | ---- | M] () -- E:\Program Files\foobar2000\foobar2000.exe
PRC - [2009-05-30 17:57:36 | 008,272,528 | ---- | M] (Blizzard Entertainment) -- F:\Program Files\hg\Wow.exe
PRC - [2009-05-16 04:15:52 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2009-01-17 15:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe
PRC - [2009-01-13 07:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-04-30 01:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-11-16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-11-16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2005-03-08 16:46:06 | 000,299,008 | ---- | M] (PLANET Technology Corp.) -- C:\Program Files\PLANET WL-8314\WLANMON.exe
PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-10-31 19:42:40 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
MOD - [2009-11-25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008-06-19 13:20:08 | 000,017,408 | ---- | M] () -- C:\Program Files\Tlen.pl\hook.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-05-16 04:15:52 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-05-15 21:05:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2006-11-10 19:18:02 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Program Files\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-11 13:36:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-11-22 01:39:55 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-11-22 01:39:55 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-11-16 23:55:09 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009-11-16 23:38:01 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-05-16 04:58:44 | 004,069,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-04-01 12:28:32 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-01-20 11:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-25 10:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008-10-30 14:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-05-31 09:32:34 | 000,099,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-09-01 20:10:32 | 000,253,696 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MRV8335XP.sys -- (W8335XP)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 21:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2001-08-17 22:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1659004503-115176313-839522115-1003\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1659004503-115176313-839522115-1003\S-1-5-21-1659004503-115176313-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "allegro.pl"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 20:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 20:17:20 | 000,000,000 | ---D | M]

[2009-11-09 18:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Extensions
[2009-11-09 18:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Extensions\mozswing@mozswing.org
[2010-02-11 00:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions
[2010-02-10 18:39:12 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-02-10 12:15:39 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)
[2009-11-09 18:24:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009-11-29 13:23:13 | 000,002,458 | ---- | M] () -- C:\Documents and Settings\Mat\Dane aplikacji\Mozilla\Firefox\Profiles\eg99865m.default\searchplugins\wikicytaty-pl.xml
[2010-02-11 00:37:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-15 20:00:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-15 20:00:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-15 20:00:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-15 20:00:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-15 20:00:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 20:00:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1659004503-115176313-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WL-8314 Configuration Utility.lnk = C:\Program Files\PLANET WL-8314\WLANMON.exe (PLANET Technology Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-115176313-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1 194.204.152.34
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-09 17:42:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{825f7551-ee3b-11de-891f-00304f4aaea2}\Shell - "" = AutoRun
O33 - MountPoints2\{825f7551-ee3b-11de-891f-00304f4aaea2}\Shell\AutoRun\command - "" = I:\MafiaLauncher.EXE -- File not found
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell - "" = AutoRun
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\{e8044bf4-d300-11de-88ec-00304f4aaea2}\Shell\install\command - "" = H:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-10 22:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2010-02-10 22:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2010-02-10 18:37:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-02-10 12:56:48 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
[2010-02-10 11:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-02-09 18:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2010-02-09 14:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010-02-08 16:20:49 | 000,000,000 | ---D | C] -- e:\Moje dokumenty\C++
[2010-02-04 16:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\Xenocode
[2010-02-04 16:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\gctmp
[2010-02-04 16:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mat\Pulpit\CRACK
[2010-02-02 20:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2010-01-12 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009-11-28 09:56:25 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-11-28 09:56:25 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2009-11-09 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-09 17:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-09 17:42:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-11-09 17:42:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-11 13:36:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010-02-11 13:36:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-11 13:36:05 | 000,178,544 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-02-11 13:36:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-11 01:35:58 | 003,747,840 | ---- | M] () -- C:\Documents and Settings\Mat\ntuser.dat
[2010-02-11 01:35:51 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mat\ntuser.ini
[2010-02-11 00:38:41 | 000,038,877 | ---- | M] () -- C:\Documents and Settings\Mat\Pulpit\adasdasdasdasdasdasdasdasd.JPG
[2010-02-11 00:35:16 | 000,333,541 | ---- | M] () -- C:\Documents and Settings\Mat\Pulpit\asdasdasdasd.jpg
[2010-02-11 00:31:40 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Mat\Pulpit\asdasdasdasd.bmp
[2010-02-11 00:24:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-10 12:57:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mat\Pulpit\OTL.exe
[2010-02-10 12:47:16 | 000,984,842 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-10 12:47:16 | 000,448,334 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-02-10 12:47:16 | 000,392,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-02-10 12:47:16 | 000,074,434 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-02-10 12:47:16 | 000,058,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-02-10 12:42:04 | 004,313,848 | -H-- | M] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-10 12:41:29 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-02-10 12:18:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-10 12:02:44 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-10 12:02:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-02-10 12:01:59 | 000,046,985 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-02-10 11:43:49 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-02-05 15:33:30 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\Mat\Pulpit\bez tytułu.bmp
[2010-02-05 14:43:09 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-01-12 20:50:27 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-11 00:38:41 | 000,038,877 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\adasdasdasdasdasdasdasdasd.JPG
[2010-02-11 00:35:16 | 000,333,541 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\asdasdasdasd.jpg
[2010-02-11 00:31:39 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\asdasdasdasd.bmp
[2010-02-09 14:01:35 | 000,046,985 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-02-09 07:29:38 | 003,747,840 | ---- | C] () -- C:\Documents and Settings\Mat\ntuser.dat
[2010-02-05 15:33:30 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\bez tytułu.bmp
[2010-02-05 14:43:09 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-02-04 16:00:00 | 005,916,303 | ---- | C] () -- C:\Documents and Settings\Mat\Pulpit\GameCam_V22_2_Setup.exe
[2009-11-29 15:46:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-22 01:39:55 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-11-22 01:39:55 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-11-20 14:19:10 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-16 23:38:01 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-10 19:34:33 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2009-11-10 17:54:16 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Mat\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 21:59:44 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-01-18 00:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-11-09 21:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-02-10 22:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2009-11-09 18:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2009-12-24 16:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Any Video Converter
[2010-01-15 20:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\BESTplayer
[2010-02-10 12:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\BITS
[2010-01-05 22:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Dev-Cpp
[2010-02-11 01:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\foobar2000
[2009-12-14 00:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\FreeAudioPack
[2010-01-18 00:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\ipla
[2009-11-09 19:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\IrfanView
[2009-11-20 14:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Leadertech
[2010-01-12 15:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\LimeWire
[2010-02-11 01:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\Tlen.pl
[2010-02-11 01:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mat\Dane aplikacji\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< /md5 start >[/color]

[color=#A23BEC]< atapi.sys >[/color]

[color=#A23BEC]< /md5 stop >[/color]
< End of report >


EXTRAS

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2010-02-11 14:40:46 - Run 2
OTL by OldTimer - Version 3.1.28.0     Folder = C:\Documents and Settings\Mat\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 3,28 Gb Free Space | 33,57% Space Free | Partition Type: NTFS
Drive D: | 185,55 Gb Total Space | 151,72 Gb Free Space | 81,77% Space Free | Partition Type: NTFS
Drive E: | 185,55 Gb Total Space | 163,85 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Drive F: | 84,88 Gb Total Space | 29,76 Gb Free Space | 35,06% Space Free | Partition Type: NTFS
Drive G: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BOND
Current User Name: Mat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1659004503-115176313-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "E:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Tlen.pl\tlen.exe" = C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl -- (o2.pl Sp. z o.o.)
"F:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe" = F:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"F:\Program Files\World of Warcraft\Launcher.exe" = F:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"F:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = F:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"F:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = F:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"F:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = F:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"F:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = F:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"F:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = F:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"E:\Program Files\uTorrent\uTorrent.exe" = E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01EDE11B-EB21-2701-FF66-AADA744E182B}" = ccc-core-static
"{024715BE-F78D-41F9-901D-49BA6B544BA2}" = CCC Help Turkish
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1
"{0AB4AFD4-476A-3E44-9416-6112708379AE}" = CCC Help Thai
"{14E8D0B1-FB60-A872-73E9-F52C87513F57}" = Catalyst Control Center Graphics Full New
"{19B60660-A1ED-4E40-9121-6E082F4D89DD}" = PLANET WL-8314
"{207EB480-FA5B-B609-F9CD-5F63F243D629}" = ccc-utility
"{262F9FEE-D77E-38B5-61DE-66F5EC7EE03A}" = CCC Help Russian
"{267206F7-2E69-B677-05D6-55EBBB5E4371}" = CCC Help Greek
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{32477761-57AE-4D26-A493-9AA1658B6615}" = ATI AVIVO Codecs
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44335D10-4726-48EC-5648-3EF042A1B6D8}" = CCC Help Dutch
"{4908C75E-E5E2-43F7-B1DF-023CBA831045}" = Nero 7 Premium
"{49507D91-E5D7-1775-1120-41C70E8B90A5}" = CCC Help Spanish
"{4BDDFD80-871F-1C7D-2C3E-C26F9DBF9AFF}" = CCC Help Portuguese
"{4CECCA9F-E57A-4A9A-EB17-8748BA14CACE}" = CCC Help Hungarian
"{5257E54B-FD62-5880-250F-8E0B78389B56}" = Catalyst Control Center Graphics Light
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{56AEF944-DC3C-6666-1E7A-8ED7C5DFBCF4}" = CCC Help Danish
"{5D309203-37B7-498A-B2CA-838E9FFD562B}" = Ventrilo Mix
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A6B421-C509-86D8-D272-0EDCC32EE7FC}" = Catalyst Control Center Graphics Full Existing
"{6E715460-12AB-5099-C134-8286198B8484}" = CCC Help Norwegian
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8EAA4E86-5F00-C12A-89F7-0B6E500BF335}" = CCC Help English
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90B1AA2E-6FAC-CDAD-4993-45BD23B6ED8A}" = CCC Help Czech
"{93FCF917-B49C-E998-F2C8-B907FEBDA5C9}" = CCC Help Korean
"{94F55336-14AB-9449-7C40-6326C08F793E}" = ccc-core-preinstall
"{A6CE82F8-3B48-7995-6910-4895C75C02A5}" = CCC Help Finnish
"{A873F7D0-83E1-2E1D-DEAF-D6D8FF8A75F6}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B203EC06-151B-36D7-EBD5-E1FD49398C3E}" = CCC Help German
"{B7FB9063-8386-6DA7-883A-57C8E00495FC}" = CCC Help Swedish
"{B91263B8-012B-928A-AA69-ABCC271A33BD}" = Catalyst Control Center Graphics Previews Common
"{B99F2C0C-244A-4A41-1CF8-878FAEA1E7E3}" = CCC Help Japanese
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C6114354-6063-A72B-F6DB-9920CC8347E6}" = Catalyst Control Center HydraVision Full
"{C67ED8BC-1A34-19F8-5C0F-EB1CCAD54865}" = Catalyst Control Center Core Implementation
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4B082E3-4026-C93A-9693-6DB10BCE9190}" = CCC Help Polish
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =                             
"{EBE7050B-7988-4BC3-BBFD-5C6828859483}" = Game Cam v1.4
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3CD42A1-DACD-B720-EE07-90171647A1D2}" = CCC Help Italian
"{F66714D7-5775-50C6-AC24-9FF334BC01A6}" = Catalyst Control Center Localization All
"{F86B8D60-D28D-E501-9F7A-B2DEF3BA1687}" = CCC Help Chinese Traditional
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6FD920-4041-6DC0-F8E9-E39F601C0A87}" = CCC Help French
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BadCopy Pro" = BadCopy Pro
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.39
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FlashGet 2.0" = FlashGet 2.0
"Game Cam" = Game Cam 2.2
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"ipla" = ipla 2.1.1
"LimeWire" = LimeWire 5.3.6
"Mafia Game" = Mafia Game
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"RealAlt_is1" = Real Alternative 2.0.1
"uTorrent" = µTorrent
"WinRAR archiver" = Archiwizator WinRAR
"World of Warcraft" = World of Warcraft

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-11-10 14:09:56 | Computer Name = BOND | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://clients1.google.pl/complete/search?hl=pl&q=athlon%20ii%20x4%20620%20radeon%20hd%2048&cp=29
failed, 0000A413. 

[ Application Events ]
Error - 2009-12-01 09:39:00 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:05 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:07 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:10 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:14 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:17 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-01 09:39:20 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd vsmon.exe, wersja 7.0.302.0, moduł powodujący
błąd imslsp.dll, wersja 7.0.483.0, adres błędu 0x00174e28.

Error - 2009-12-14 17:12:01 | Computer Name = BOND | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iw4sp.exe, wersja 0.0.0.0, moduł powodujący
błąd iw4sp.exe, wersja 0.0.0.0, adres błędu 0x0027b8e9.

Error - 2009-12-14 17:55:39 | Computer Name = BOND | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iw4sp.exe, wersja 0.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2009-12-15 10:35:20 | Computer Name = BOND | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iw4sp.exe, wersja 0.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2010-02-10 07:06:47 | Computer Name = BOND | Source = Service Control Manager | ID = 7001
Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można
uruchomić z powodu następującego błędu:   %%31

Error - 2010-02-10 07:06:47 | Computer Name = BOND | Source = Service Control Manager | ID = 7001
Description = Usługa TrueVector Internet Monitor zależy od usługi vsdatant, której
nie można uruchomić z powodu następującego błędu:   %%31

Error - 2010-02-10 07:06:47 | Computer Name = BOND | Source = Service Control Manager | ID = 7001
Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można
uruchomić z powodu następującego błędu:   %%31

Error - 2010-02-10 07:06:47 | Computer Name = BOND | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   Aavmker4  AFD  AmdPPM  aswSP  aswTdi  Fips  IPSec  MRxSmb  NetBIOS  NetBT  RasAcd  Rdbss
Tcpip
vsdatant

Error - 2010-02-10 07:07:05 | Computer Name = BOND | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
MDM z argumentami „”  w celu uruchomienia serwera:  {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 2010-02-10 07:07:08 | Computer Name = BOND | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „”  w celu uruchomienia serwera:  {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2010-02-10 07:43:07 | Computer Name = BOND | Source = Service Control Manager | ID = 7023
Description = Usługa Karta wydajności WMI zakończyła działanie; wystąpił następujący
błąd:   %%2147500037

Error - 2010-02-10 13:37:34 | Computer Name = BOND | Source = Service Control Manager | ID = 7034
Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2010-02-10 13:37:34 | Computer Name = BOND | Source = Service Control Manager | ID = 7034
Description = Usługa ES lite Service for program management. niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2010-02-10 13:37:34 | Computer Name = BOND | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.


< End of report >


[NieWiem]

Nie wyjaśniło tego, co chciałem

• Przeczytaj uważnie instrukcję programu ComboFix, po czym wyłącz swój program antywirusowy, firewall i inne programy, które mogą zakłócać nawet pobieranie ComboFixa twierdząc, że jest wirusem. Nie jest! Spokojnie go ściągnij i zapisz na pulpicie.
• Pobierz:
  • LINK #1
  • LINK #2
• Pozamykaj wszystkie otwarte okna, komunikatory, programy. ComboFixowi nie powinno sie przeszkadzać.
• Uruchom program z dwukliku (VISTA: prawoklik i 'uruchom jako administrator').
• Pozwól mu spokojnie działać, nie klikaj ani nie stukaj w klawiaturę - to może spwodować zawieszenie się komputera.
• Zalecane jest też instalowanie konsoli odzyskiwania, jeśli ComboFix o nią poprosi. Dzięki niej można odrolować zmiany w przypadku pomyłki narzędzia.
• Jeśli będzie potrzeba - zgódź się na restart.
• Kiedy program skończy, wytworzy loga (będzie on także w pliku C:\ComboFix.txt), którego wklej w odpowiedzi, pamiętając o tagach [code] lub na http://www.wklej.org.

[Ryuuk]

Ok, zaraz to zrobię i dam wyniki w poście ale jeśli można zapytać, to co wirus, który może być w pliku robi? Tzn jakie daje objawy?

EDIT:
Skan wykonany. Po włączeniu combofixa zbuntowal sie ze mam emulatory wirtualnych napędów włączone i zrobił reseta, żeby je powyłączać, po resecie się odpalił przed explorerem i przed podłączeniem do neta więc nie mógł pobrać konsoli odzyskiwania, ale skan zrobił ^^

Kod: Zaznacz wszystko

ComboFix 10-02-10.05 - Mat 2010-02-11  17:12:22.1.4 - x86
Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.3326.2841 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Mat\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100210-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mat\Dane aplikacji\BITS
c:\documents and settings\Mat\Dane aplikacji\BITS\BITS.ini
c:\documents and settings\Mat\Dane aplikacji\BITS\DHTTable.dat
c:\documents and settings\Mat\Dane aplikacji\BITS\ProxyList.ini
c:\documents and settings\Mat\Dane aplikacji\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\btcore.dll
c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
c:\program files\FlashGet Network\FlashGet universal\flashget.exe
c:\program files\FlashGet Network\FlashGet universal\gt.exe
c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\storage.dll
c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\program files\FlashGet Network\FlashGet universal\uninst.exe
c:\program files\FlashGet Network\FlashGet universal\zlib.dll
c:\windows\system32\ieuinit.inf

.
(((((((((((((((((((((((((   Pliki utworzone od 2010-01-11 do 2010-02-11  )))))))))))))))))))))))))))))))
.

2010-02-10 21:24 . 2010-02-10 21:24   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Panda Security
2010-02-10 21:24 . 2010-02-10 21:24   --------   d-----w-   c:\program files\Panda USB Vaccine
2010-02-10 17:37 . 2010-02-10 17:37   --------   d-----w-   C:\_OTL
2010-02-10 11:16 . 2010-02-10 11:16   --------   d-----w-   c:\windows\system32\wbem\Repository
2010-02-09 17:57 . 2010-02-09 17:58   --------   d-----w-   c:\documents and settings\Mat\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
2010-02-09 13:01 . 2010-02-10 11:15   --------   d-----w-   c:\windows\system32\ZoneLabs
2010-02-04 15:18 . 2010-02-04 15:18   --------   d-----w-   c:\documents and settings\Mat\Ustawienia lokalne\Dane aplikacji\Xenocode
2010-02-04 15:01 . 2010-02-05 14:42   --------   d-----w-   c:\documents and settings\Mat\Ustawienia lokalne\Dane aplikacji\gctmp
2010-02-02 19:34 . 2010-02-02 19:34   --------   d-----w-   c:\program files\NAPI-PROJEKT
2010-01-12 19:39 . 2010-01-12 19:54   --------   d-----w-   c:\windows\SxsCaPendDel

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-11 16:11 . 2009-11-09 16:50   16608   ----a-w-   c:\windows\gdrv.sys
2010-02-11 16:03 . 2009-11-09 17:22   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\foobar2000
2010-02-11 00:35 . 2010-01-11 22:35   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\uTorrent
2010-02-11 00:09 . 2009-11-09 17:24   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\Tlen.pl
2010-02-10 11:47 . 2001-10-26 16:15   74434   ----a-w-   c:\windows\system32\perfc015.dat
2010-02-10 11:47 . 2001-10-26 16:15   448334   ----a-w-   c:\windows\system32\perfh015.dat
2010-02-10 10:43 . 2009-11-09 20:11   4212   ---h--w-   c:\windows\system32\zllictbl.dat
2010-02-09 21:00 . 2009-11-29 10:00   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\Ahead
2010-01-17 23:56 . 2009-11-13 22:46   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\ipla
2010-01-17 23:56 . 2009-11-13 22:46   --------   d-----w-   c:\program files\ipla
2010-01-17 23:55 . 2009-11-13 22:46   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\ipla
2010-01-15 19:10 . 2010-01-11 19:32   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\BESTplayer
2010-01-12 19:52 . 2009-11-10 16:53   --------   d-----w-   c:\program files\Combined Community Codec Pack
2010-01-12 14:55 . 2009-11-19 23:08   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\LimeWire
2010-01-11 19:53 . 2010-01-11 19:53   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\DivX
2010-01-06 17:40 . 2009-11-22 22:47   --------   d-----w-   c:\program files\Common Files\Adobe
2010-01-06 14:44 . 2009-11-09 17:05   68456   ----a-w-   c:\documents and settings\Mat\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-01-05 21:54 . 2010-01-05 18:29   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\Dev-Cpp
2010-01-05 14:10 . 2010-01-05 14:07   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2010-01-05 14:10 . 2010-01-05 14:10   --------   d-----w-   c:\program files\Microsoft Works
2010-01-05 14:10 . 2010-01-05 14:10   --------   d-----w-   c:\program files\MSBuild
2010-01-05 14:09 . 2010-01-05 14:09   --------   d-----w-   c:\program files\Microsoft.NET
2010-01-05 14:08 . 2010-01-05 14:08   --------   d-----w-   c:\program files\Microsoft Visual Studio 8
2009-12-31 03:53 . 2009-11-09 17:19   --------   d-----w-   c:\program files\Tlen.pl
2009-12-27 16:14 . 2009-12-12 16:56   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\teamspeak2
2009-12-24 15:34 . 2009-11-09 17:24   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\Any Video Converter
2009-12-21 22:34 . 2009-11-09 16:50   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-12-13 23:00 . 2009-12-13 23:00   --------   d-----w-   c:\documents and settings\Mat\Dane aplikacji\FreeAudioPack
2009-11-24 23:54 . 2009-11-09 20:08   1280480   ----a-w-   c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-09 20:08   93424   ----a-w-   c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-09 20:08   48560   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-09 20:08   23120   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-09 20:08   27408   ----a-w-   c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-09 20:08   97480   ----a-w-   c:\windows\system32\AvastSS.scr
2009-11-24 16:37 . 2009-11-24 16:37   152576   ----a-w-   c:\documents and settings\Mat\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-24 16:36 . 2009-11-24 16:36   79488   ----a-w-   c:\documents and settings\Mat\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-22 00:39 . 2009-11-22 00:39   271360   ----a-w-   c:\windows\system32\drivers\atksgt.sys
2009-11-22 00:39 . 2009-11-22 00:39   18048   ----a-w-   c:\windows\system32\drivers\lirsgt.sys
2009-11-21 21:47 . 2009-11-21 21:47   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2009-11-20 19:02 . 2009-11-20 13:19   138184   ----a-w-   c:\windows\system32\drivers\PnkBstrK.sys
2009-11-20 19:02 . 2009-11-20 13:19   183112   ----a-w-   c:\windows\system32\PnkBstrB.exe
2009-11-20 17:03 . 2009-11-20 13:19   66872   ----a-w-   c:\windows\system32\PnkBstrA.exe
2009-11-16 22:55 . 2004-07-17 09:36   163644   ----a-w-   c:\windows\system32\drivers\secdrv.sys
2009-11-16 22:38 . 2009-11-16 22:38   721904   ----a-w-   c:\windows\system32\drivers\sptd.sys
2009-11-14 21:45 . 2009-11-09 16:41   86327   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-13 22:46 . 2009-11-13 22:46   1700352   ----a-w-   c:\windows\system32\gdiplus.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-30 32768]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
WL-8314 Configuration Utility.lnk - c:\program files\PLANET WL-8314\WLANMON.exe [2009-11-9 299008]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Tlen.pl\\tlen.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-11-28 5248]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-09 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-09 20560]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009-11-09 68136]
S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-11-28 160640]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-11-16 721904]
S3 PciCon;PciCon;\??\g:\pcicon.sys --> g:\PciCon.sys [?]
S3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\system32\drivers\V0420Vid.sys [2009-11-22 99648]
.
.
------- Skan uzupełniający -------
.
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: Download All by FlashGet - c:\program files\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&ksportuj do programu Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - USUNIĘTO PUSTE WPISY - - - -

AddRemove-FlashGet 2.0 - c:\program files\FlashGet Network\FlashGet universal\uninst.exe
AddRemove-HijackThis - c:\documents and settings\Mat\Pulpit\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-11 17:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(928)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2010-02-11  17:14:57
ComboFix-quarantined-files.txt  2010-02-11 16:14

Przed: 3 454 787 584 bajtów wolnych
Po: 3 409 989 632 bajtów wolnych

- - End Of File - - 7FA93B024E1F8C00925D563E0F820C9B


[NieWiem]

Wygląda w porządku a moje obawy okazały się płonne


Usuwanie ComboFixa:

• Start => uruchom => ComboFix /uninstall i enter
• Sprawdź, czy z dysku zniknął folder C:\Qoobox, jeśli nie, to usuń go ręcznie przez Shift + Del.

• Pobierz program OTC
• Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
• Wciśnij przycisk Clean Up!
• Na pytanie "Begin cleanup Process?" wciśnij Yes.
• Jeśli padnie prośba o restart - zgódź się.

• Pobierz program TFC
• Zamknij wszystkie otwarte programy - inaczej TFC zrobi to za Ciebie
• Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
• Kliknij przycisk Start
• Czyszczenie lokalizacji tymczasowych może chwilę potrwać (ale znowu bez przesady), uzbrój się w cierpliwość.
• Jeśli padnie prośba o restart - zgódź się.

Czyszczenie punktów przywracania systemu jest konieczne, ponieważ w backupach Windowsa znajdują się także kopie szkodników.

• Wyłączenie przywracania systemu
  • Na pulpicie => prawoklik na Mój Komputer
  • opcja Właściwości
  • zakładka Przywracanie systemu
  • Zaznaczyć opcję Wyłącz przywracanie systemu
  • Kliknąć Zastosuj, a potem OK.
• Zrestartować komputer!
• Włączanie przywracania systemu
  • Na pulpicie => prawoklik na Mój Komputer
  • opcja Właściwości
  • zakładka Przywracanie systemu
  • Odznaczyć opcję Wyłącz przywracanie systemu
  • Kliknąć Zastosuj, a potem OK.