Restart kompa i bledy ie

**Posty:** 52 · przez **ostry99** 20 Cze 2009, 15:58

Po jakimś czasie komp mi się sam resetuje. Przy włączaniu kompa wyskakuje komunikat "Nieprawidłowy plik BOOT.INI" czy jakoś tak, ciężko się rozczytać bo to wyświetla się przez ułamki sekund. Ponadto wyskakują mi błędy Internet Explorer i często komputer się sam wylogowuje.

Logi z DDS i OTL

Kod: Zaznacz wszystko: DDS (Ver_09-05-14.01) - NTFSx86 Run by Mateusz at 15:42:32,43 on 2009-06-20 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1023.518 [GMT 2:00] ============== Running Processes =============== C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost -k DcomLaunch svchost.exe C:\windows\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\windows\Explorer.EXE C:\WINDOWS\system32\HPZipm12.exe C:\windows\system32\svchost.exe -k imgsvc C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\windows\system32\wscntfy.exe C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe C:\PROGRA~1\NEOSTR~1\ComComp.exe C:\PROGRA~1\NEOSTR~1\Watch.exe C:\Program Files\Opera\Opera.exe C:\windows\TEMP\B8BB.tmp C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Mateusz\Pulpit\dds.pif ============== Pseudo HJT Report =============== uStart Page = hxxp://www.neostrada.pl uWindow Title = Neostrada TP mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll uURLSearchHooks: Search Class: {08c06d61-f1f3-4799-86f8-be1a89362c85} - c:\progra~1\neostr~1\SEARCH~1.DLL mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll uRun: [Gadu-Gadu] "c:\program files\gadu-gadu\gg.exe" /tray mRun: [SpeedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /icon mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s mRun: [WooCnxMon] c:\progra~1\neostr~1\CnxMon.exe mRun: [WOOWATCH] c:\progra~1\neostr~1\Watch.exe mRun: [WOOTASKBARICON] c:\progra~1\neostr~1\TaskbarIcon.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k StartupFolder: c:\docume~1\mateusz\menust~1\programy\autost~1\NEOSTR~1.LNK - StartupFolder: c:\docume~1\mateusz\menust~1\programy\autost~1\NEOSTR~1.LNK - IE: &Winamp Search - c:\documents and settings\all users\dane aplikacji\winamp toolbar\ietoolbar\resources\en-us\local\search.html IE: { - c:\program files\messenger\msmsgs.exe IE: {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\poker\unibetpokermpp\MPPoker.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab TCP: {C9B19DFB-B4D9-4459-832B-5D946728CD7C} = 194.204.159.1 217.98.63.164 Notify: AtiExtEvent - Ati2evxx.dll Notify: crypt - crypts.dll SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\mateusz\daneap~1\mozilla\firefox\profiles\dzgluoj0.default\ FF - prefs.js: browser.search.selectedEngine - Ask FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=13928&l=dis FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npganymedenet.dll ============= SERVICES / DRIVERS =============== RUnknown win32x;win32x; [x] S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-5-29 234888] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\nbservice.exe --> c:\program files\common files\nero\nero backitup 4\NBService.exe [?] =============== Created Last 30 ================ 2009-06-14 21:26 4,000 a------- C:\ao.dat 2009-06-10 17:26 <DIR> --d----- c:\documents and settings\all users\Dane aplikacji 2009-06-08 09:38 32,768 a------- c:\windows\system32\WooDial2000.dll 2009-06-08 09:38 <DIR> --d----- c:\program files\Neostrada TP 2009-05-29 21:21 <DIR> --d----- c:\program files\AskSearch 2009-05-29 21:21 <DIR> --d----- c:\program files\AskBarDis 2009-05-29 21:20 <DIR> --d----- c:\program files\uTorrent 2009-05-29 21:20 <DIR> --d----- c:\docume~1\mateusz\daneap~1\uTorrent 2009-05-24 18:37 <DIR> --d----- c:\docume~1\mateusz\daneap~1\GanymedeNet 2009-05-24 18:36 <DIR> --d----- c:\program files\Ganymede 2009-05-23 14:22 717 a------- c:\windows\unins000.dat ==================== Find3M ==================== 2009-06-20 15:03 355,486 a------- c:\windows\system32\perfh015.dat 2009-06-20 15:03 49,492 a------- c:\windows\system32\perfc015.dat 2009-04-16 09:42 33,280 a------- c:\windows\system32\crypts.dll 2009-04-16 09:42 18,432 a------- c:\windows\system32\digiwet.dll 2009-04-16 09:42 18,432 a------- c:\documents and settings\mateusz\file.exe 2009-04-11 13:39 119,714 a------- c:\windows\hpoins11.dat 2009-04-04 21:09 21,840 a------- c:\windows\system32\SIntfNT.dll 2009-04-04 21:09 17,212 a------- c:\windows\system32\SIntf32.dll 2009-04-04 21:09 12,067 a------- c:\windows\system32\SIntf16.dll 2009-04-04 19:41 107,888 a------- c:\windows\system32\CmdLineExt.dll 2009-03-26 21:11 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-03-24 12:30 410,984 a------- c:\windows\system32\deploytk.dll 2009-03-23 22:21 5,058 a------- c:\windows\help\hhcolreg.dat 2009-03-23 20:52 21,856 a------- c:\windows\system32\emptyregdb.dat ============= FINISH: 15:42:47,50 ===============

Attach

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-05-14.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2009-03-23 19:57:59 System Uptime: 2009-06-20 14:58:57 (1 hours ago) Motherboard: ECS | | RC410L/800-M Processor: Intel(R) Pentium(R) 4 CPU 3.06GHz | CPU 1 | 3066/133mhz Processor: Intel(R) Pentium(R) 4 CPU 3.06GHz | CPU 1 | 3066/133mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 39 GiB total, 27,349 GiB free. D: is FIXED (NTFS) - 59 GiB total, 56,644 GiB free. E: is FIXED (NTFS) - 49 GiB total, 44,558 GiB free. F: is FIXED (NTFS) - 40 GiB total, 28,099 GiB free. G: is CDROM (UDF) H: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Kontroler magistrali zarządzania systemem Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_21111019&REV_81\3&267A616A&0&A0 Manufacturer: Name: Kontroler magistrali zarządzania systemem PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_21111019&REV_81\3&267A616A&0&A0 Service: ==== System Restore Points =================== RP1: 2009-03-23 20:00:25 - Punkt kontrolny systemu RP2: 2009-03-23 20:11:38 - Installed HPSU306Stub RP3: 2009-03-23 20:20:45 - Zainstalowano: Opera 9.24 RP4: 2009-03-23 20:38:26 - Installed Windows Media Format Runtime RP5: 2009-03-23 20:46:21 - Zainstalowane ATI Catalyst Control Center RP6: 2009-03-23 20:46:54 - Installed ATI Catalyst Registration RP7: 2009-03-23 20:47:09 - Installed World of Warcraft FREE Trial RP8: 2009-03-23 21:08:41 - Zainstalowane Realtek AC'97 Audio RP9: 2009-03-23 21:18:13 - Zainstalowano: Microsoft Office 2000 Premium RP10: 2009-03-24 11:30:41 - Installed Java(TM) 6 Update 12 RP11: 2009-03-25 13:27:03 - Punkt kontrolny systemu RP12: 2009-03-25 17:06:54 - Zainstalowano: Tłumacz Komputerowy - Angielski 2 RP13: 2009-03-25 17:27:01 - Installed Adobe Reader 9 - Polish. RP14: 2009-03-25 17:35:09 - Zainstalowano Windows Installer KB893803v2. RP15: 2009-03-25 17:38:19 - Installed Nero 9 Trial 2.0.0.1 RP16: 2009-03-25 17:38:55 - Zainstalowany program DirectX RP17: 2009-03-26 20:10:05 - Punkt kontrolny systemu RP18: 2009-03-29 13:03:25 - Punkt kontrolny systemu RP19: 2009-03-30 13:09:07 - Punkt kontrolny systemu RP20: 2009-03-31 17:07:18 - Punkt kontrolny systemu RP21: 2009-04-01 20:41:28 - Punkt kontrolny systemu RP22: 2009-04-02 23:22:04 - Punkt kontrolny systemu RP23: 2009-04-04 16:03:05 - Punkt kontrolny systemu RP24: 2009-04-04 19:34:12 - Installed FIFA 08 RP25: 2009-04-06 17:27:58 - Punkt kontrolny systemu RP26: 2009-04-07 21:51:25 - Punkt kontrolny systemu RP27: 2009-04-09 18:17:41 - Punkt kontrolny systemu RP28: 2009-04-10 19:59:15 - Punkt kontrolny systemu RP29: 2009-04-11 19:59:56 - Punkt kontrolny systemu RP30: 2009-04-14 17:52:28 - Punkt kontrolny systemu RP31: 2009-04-16 10:54:02 - Punkt kontrolny systemu RP32: 2009-04-17 20:36:57 - Punkt kontrolny systemu RP33: 2009-04-18 22:01:58 - Punkt kontrolny systemu RP34: 2009-04-20 15:43:16 - Punkt kontrolny systemu RP35: 2009-04-21 16:08:34 - Punkt kontrolny systemu RP36: 2009-04-22 22:18:48 - Punkt kontrolny systemu RP37: 2009-04-24 19:50:08 - Punkt kontrolny systemu RP38: 2009-04-25 20:59:06 - Punkt kontrolny systemu RP39: 2009-04-27 08:24:33 - Punkt kontrolny systemu RP40: 2009-04-28 20:56:00 - Punkt kontrolny systemu RP41: 2009-04-30 17:36:51 - Punkt kontrolny systemu RP42: 2009-05-01 19:46:00 - Punkt kontrolny systemu RP43: 2009-05-06 13:19:57 - Punkt kontrolny systemu RP44: 2009-05-07 18:43:56 - Punkt kontrolny systemu RP45: 2009-05-09 18:45:11 - Punkt kontrolny systemu RP46: 2009-05-12 16:57:51 - Punkt kontrolny systemu RP47: 2009-05-13 18:45:48 - Punkt kontrolny systemu RP48: 2009-05-15 18:09:07 - Punkt kontrolny systemu RP49: 2009-05-17 22:25:53 - Punkt kontrolny systemu RP50: 2009-05-19 12:56:38 - Punkt kontrolny systemu RP51: 2009-05-20 14:57:37 - Punkt kontrolny systemu RP52: 2009-05-21 15:31:16 - Punkt kontrolny systemu RP53: 2009-05-22 19:22:37 - Punkt kontrolny systemu RP54: 2009-05-23 14:23:43 - Removed Nero 9 Trial 2.0.0.1 RP55: 2009-05-25 22:02:29 - Punkt kontrolny systemu RP56: 2009-05-27 17:44:02 - Punkt kontrolny systemu RP57: 2009-05-28 21:02:12 - Punkt kontrolny systemu RP58: 2009-05-30 17:09:36 - Punkt kontrolny systemu RP59: 2009-06-01 19:53:27 - Punkt kontrolny systemu RP60: 2009-06-02 21:03:37 - Punkt kontrolny systemu RP61: 2009-06-03 23:05:12 - Punkt kontrolny systemu RP62: 2009-06-05 21:17:04 - Punkt kontrolny systemu RP63: 2009-06-06 18:01:57 - Zainstalowane CM 03-04 RP64: 2009-06-06 19:17:01 - Zainstalowane CM 03-04 RP65: 2009-06-06 19:22:36 - Zainstalowane CM 03-04 RP66: 2009-06-06 19:22:45 - Zainstalowane CM 03-04 RP67: 2009-06-08 09:38:14 - Neostrada TP RP68: 2009-06-08 09:38:37 - Audience RP69: 2009-06-09 21:05:09 - Punkt kontrolny systemu RP70: 2009-06-10 21:30:46 - Punkt kontrolny systemu RP71: 2009-06-12 14:34:21 - Punkt kontrolny systemu RP72: 2009-06-13 15:15:02 - Punkt kontrolny systemu RP73: 2009-06-14 15:52:03 - Punkt kontrolny systemu RP74: 2009-06-15 21:00:30 - Punkt kontrolny systemu RP75: 2009-06-17 13:26:59 - Punkt kontrolny systemu RP76: 2009-06-18 19:01:12 - Punkt kontrolny systemu RP77: 2009-06-20 02:22:49 - Punkt kontrolny systemu RP78: 2009-06-20 11:05:40 - Removed Adobe Reader 9 - Polish. ==== Installed Programs ====================== 50 FREE MP3s +1 Free Audiobook! ACE Mega CoDecS Pack Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.1 - Polish Adobe Shockwave Player AiO_Scan_CDA AiOSoftwareNPI Archiwizator WinRAR Ask Toolbar ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver µTorrent AutoUpdate BankBrowser BufferChm C3100 c3100_Help Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center HydraVision Full ccc-core-preinstall ccc-core-static ccc-utility CCC Help English CM 03-04 Colin McRae Rally 2 CustomerResearchQFolder Deluxe Ski Jump 2.1 Destinations DeviceManagementQFolder DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player DocProc DocProcQFolder EA SPORTS online 2008 eSupportQFolder Fax_CDA FIFA 08 Gadu-Gadu 7.7 GameDesire-Pool & Snooker HP Customer cenzura! Program 7.0 HP Imaging Device Functions 7.0 HP Photosmart Essential HP Photosmart, Officejet and Deskjet 7.0.A HP Software Update HP Solution Center 7.0 HPPhotoSmartExpress HPProductAssistant ImagXpress InstantShareDevicesMFC Java(TM) 6 Update 12 K-Lite Mega Codec Pack 1.58 MarketResearch Microsoft Office 2000 Premium Microsoft Visual C++ 2005 Redistributable mIRC Mozilla Firefox (3.0.11) Neostrada TP neroxml NewCopy_CDA Niezbędnik CD OCR Software by I.R.I.S 7.0 Opera 9.24 PanoStandAlone ProductContextNPI Readme Realtek AC'97 Audio Scan ScannerCopy Skins SolutionCenter SpeedTouch USB Software Status Tłumacz Komputerowy - Angielski 2 Testy B 2009 Toolbox TrayApp Unibet Poker Unload VirtualCloneDrive WebFldrs XP WebReg Winamp Winamp Toolbar Windows Installer 3.1 (KB893803) Windows Media Format Runtime World of Warcraft FREE Trial Znaki Drogowe ==== End Of File ===========================

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2009-06-20 15:50:47 - Run 1 OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Mateusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,36 Mb Total Physical Memory | 565,94 Mb Available Physical Memory | 55,30% Memory free 2,40 Gb Paging File | 2,07 Gb Available in Paging File | 86,14% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 27,35 Gb Free Space | 70,02% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 56,64 Gb Free Space | 96,67% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 44,56 Gb Free Space | 91,26% Space Free | Partition Type: NTFS Drive F: | 39,82 Gb Total Space | 28,10 Gb Free Space | 70,57% Space Free | Partition Type: NTFS Drive G: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OSTROWSK-84F016 Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE PRC - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-01-26 12:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe PRC - [2009-03-24 12:30:46 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-01-30 00:11:32 | 00,052,392 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PRC - [2003-10-16 19:07:10 | 00,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe PRC - [2003-10-16 19:07:12 | 00,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2007-11-14 12:54:24 | 02,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wscntfy.exe PRC - [2003-10-16 19:07:12 | 00,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 19:07:10 | 00,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2003-10-16 19:07:12 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2007-10-15 13:12:22 | 00,079,360 | ---- | M] (Opera Software) -- C:\Program Files\Opera\Opera.exe PRC - [2009-06-20 15:19:26 | 00,090,112 | ---- | M] () -- C:\windows\TEMP\B8BB.tmp PRC - [2009-06-13 13:09:48 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-04-02 12:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Stopped]) SRV - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-02-25 16:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - File not found -- -- (Nero BackItUp Scheduler 4.0 [Auto | Stopped]) SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running]) SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2003-12-08 12:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Running]) DRV - [2003-12-08 12:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Running]) DRV - [2007-01-25 17:37:16 | 04,027,456 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2009-02-26 00:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2009-02-17 19:11:30 | 00,024,232 | ---- | M] (Elaborate Bytes AG) -- C:\windows\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running]) DRV - [2006-04-13 02:04:39 | 00,049,664 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,016,496 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,021,568 | ---- | M] (HP) -- C:\windows\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped]) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\windows\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\windows\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2001-08-17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\windows\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped]) DRV - [2009-03-02 13:41:49 | 00,029,184 | ---- | M] (Elaborate Bytes AG) -- C:\windows\system32\DRIVERS\VClone.sys -- (VClone [On_Demand | Running]) DRV - File not found -- -- (win32x [Unknown | Running]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Ask" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=13928&l=dis" FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-03-24 12:30:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-06-14 15:34:20 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-06-20 11:06:08 | 00,000,000 | ---D | M] [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-06-19 21:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions [2009-05-29 21:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009-05-29 21:25:46 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\FireFox\Profiles\dzgluoj0.default\searchplugins\ask.xml [2009-04-03 15:16:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-06-13 13:09:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-06-13 13:09:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-06-13 13:09:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-04-05 13:41:01 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-04-05 13:41:01 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-04-05 13:41:01 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-04-05 13:41:01 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-04-05 13:41:01 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-04-05 13:41:01 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-04-05 13:41:01 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (Elaborate Bytes AG) O4 - HKLM..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe (France Télécom R&D) O4 - HKCU..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray (Gadu-Gadu S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming) O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe [FILE handle not seen by OS] O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt: DllName - crypts.dll - C:\windows\system32\crypts.dll () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O29 - HKLM SecurityProviders - (digiwet.dll) - C:\windows\system32\digiwet.dll () O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\AutoRun\command - "" = I:\luk1ylq.com -- File not found O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\open\Command - "" = I:\luk1ylq.com -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-06-20 15:20:05 | 00,000,000 | ---D | M] [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-06-20 15:50:34 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:23 | 00,359,893 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 15:34:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\wimbledon [2009-06-20 11:06:08 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-20 11:05:56 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009-06-20 11:05:43 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-06-18 12:46:37 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-16 20:02:40 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:35 | 00,768,984 | ---- | C] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-15 22:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Help [2009-06-14 21:26:14 | 00,004,000 | ---- | C] () -- C:\ao.dat [2009-06-13 23:25:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2009-06-11 16:20:38 | 00,496,592 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:02:24 | 00,012,508 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-11 13:55:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-10 17:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-06-08 09:40:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\andrzej.ostrowski5@neostrada.pl [2009-06-08 09:38:44 | 00,032,768 | ---- | C] (France Télécom R&D) -- C:\windows\System32\WooDial2000.dll [2009-06-08 09:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\Neostrada TP [2009-06-07 20:03:30 | 00,081,174 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-06 19:23:27 | 00,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:14:39 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 01,073,082 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 21:33:56 | 00,000,599 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Downloads [2009-05-29 21:26:53 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\AskSearch [2009-05-29 21:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis [2009-05-29 21:20:45 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:45 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009-05-29 21:20:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent [2009-05-29 21:20:38 | 00,274,224 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 21:18:56 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:01 | 00,002,642 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-25 17:30:46 | 00,106,698 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2009-05-24 18:36:47 | 00,000,000 | ---D | C] -- C:\Program Files\Ganymede [2009-05-24 18:36:18 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:02 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:22:42 | 00,000,717 | ---- | C] () -- C:\windows\unins000.dat [2009-04-16 09:42:55 | 00,033,280 | ---- | C] () -- C:\windows\System32\crypts.dll [2009-04-16 09:42:50 | 00,018,432 | ---- | C] () -- C:\windows\System32\digiwet.dll [2009-04-04 21:09:21 | 00,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll [2009-04-04 21:09:21 | 00,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll [2009-04-04 21:09:21 | 00,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll [2009-03-25 18:58:28 | 00,000,039 | ---- | C] () -- C:\windows\Irremote.ini [2009-03-24 00:20:22 | 00,594,450 | ---- | C] () -- C:\windows\System32\x264vfw.dll [2009-03-24 00:20:22 | 00,217,088 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2009-03-24 00:20:20 | 00,005,120 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2009-03-24 00:20:20 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2009-03-24 00:18:34 | 00,152,064 | ---- | C] () -- C:\windows\System32\unrar.dll [2009-03-24 00:18:34 | 00,019,968 | ---- | C] () -- C:\windows\System32\cpuinf32.dll [2009-03-24 00:18:32 | 00,856,064 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2009-03-23 22:21:36 | 00,000,427 | ---- | C] () -- C:\windows\ODBC.INI [2009-03-23 22:12:22 | 00,000,169 | ---- | C] () -- C:\windows\RtlRack.ini [2009-03-23 22:08:51 | 00,000,164 | ---- | C] () -- C:\windows\avrack.ini [2009-03-23 22:08:42 | 00,147,456 | ---- | C] () -- C:\windows\System32\RtlCPAPI.dll [2009-03-23 21:10:21 | 00,077,824 | R--- | C] () -- C:\windows\System32\HPZIDS01.dll [2009-03-23 21:03:42 | 00,005,606 | ---- | C] () -- C:\windows\System32\stci.dll [2007-11-30 00:30:28 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dtu100.dll.manifest [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dpl100.dll.manifest [2007-11-28 23:52:32 | 00,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll [2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\windows\System32\ieencode.dll [2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\windows\System32\drivers\secdrv.sys [2001-07-21 22:16:20 | 00,000,628 | ---- | C] () -- C:\windows\win.ini [2001-07-21 22:15:52 | 00,000,231 | ---- | C] () -- C:\windows\system.ini [2001-07-07 04:00:02 | 00,003,234 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI [1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\windows\System32\MSRTEDIT.DLL [color=orange]========== Files - Modified Within 30 Days ==========[/color] [1 C:\windows\System32\*.tmp files] [3 C:\windows\*.tmp files] [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:28 | 00,359,893 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 15:03:24 | 00,763,990 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2009-06-20 15:03:24 | 00,355,486 | ---- | M] () -- C:\windows\System32\perfh015.dat [2009-06-20 15:03:24 | 00,311,604 | ---- | M] () -- C:\windows\System32\perfh009.dat [2009-06-20 15:03:24 | 00,049,492 | ---- | M] () -- C:\windows\System32\perfc015.dat [2009-06-20 15:03:24 | 00,039,992 | ---- | M] () -- C:\windows\System32\perfc009.dat [2009-06-20 14:59:21 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\desktop.ini [2009-06-20 14:59:20 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2009-06-20 14:59:19 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2009-06-20 11:06:08 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-20 02:46:25 | 00,004,000 | ---- | M] () -- C:\ao.dat [2009-06-18 14:36:03 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-17 09:41:43 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2009-06-16 20:02:41 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:46 | 00,768,984 | ---- | M] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-11 16:21:03 | 00,496,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:03:16 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-11 14:02:40 | 00,012,508 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-08 09:38:44 | 00,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\neostrada tp.lnk [2009-06-07 20:03:31 | 00,081,174 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-07 09:22:52 | 00,116,560 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2009-06-06 19:23:27 | 00,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:25:53 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 22:24:57 | 01,073,082 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 22:15:01 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 00,000,599 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:26:55 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:20:45 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:42 | 00,274,224 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:02 | 00,002,642 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-28 16:59:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-05-25 17:32:10 | 00,106,698 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:36:18 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:06 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:33:32 | 00,000,039 | ---- | M] () -- C:\windows\Irremote.ini [2009-05-23 14:22:43 | 00,000,717 | ---- | M] () -- C:\windows\unins000.dat < End of report >

http://wklej.org/id/109115/

**Posty:** 18165 · przez **wojtas** 20 Cze 2009, 19:48

Wykonaj to co jest podane w tym temacie

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt + log z OTL

**Posty:** 52 · przez **ostry99** 20 Cze 2009, 21:08

Kod: Zaznacz wszystko: Rebooting [b]Checking Files [/b]: Trojan Files Found: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temp\utt49A.tmp.exe - Deleted C:\windows\system32\crypts.dll - Deleted Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-20 20:40:30 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\win32x] "Type"=dword:00000001 "Start"=dword:00000003 "ErrorControl"=dword:00000000 "ImagePath"=str(2):"\??\C:\WINDOWS\system32\drivers\win32x.sys" "DisplayName"="win32x" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\win32x\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\win32x] "Type"=dword:00000001 "Start"=dword:00000003 "ErrorControl"=dword:00000000 "ImagePath"=str(2):"\??\C:\WINDOWS\system32\drivers\win32x.sys" "DisplayName"="win32x" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\win32x\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,.. scanning hidden registry entries ... scanning hidden files ... C:\windows\system32\dllcache\userinit.exe 25088 bytes executable C:\windows\system32\drivers\win32x.sys 12544 bytes executable C:\windows\system32\userinit.exe 42496 bytes executable C:\windows\system32\win32x.exe 25088 bytes executable scan completed successfully hidden processes: 0 hidden services: 1 hidden files: 4 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [b]Remaining Files [/b]: File Backups: - C:\SDFix\backups\backups.zip [b]Files with Hidden Attributes [/b]: Tue 11 Mar 2008 4,348 A..H. --- "C:\Documents and Settings\Mateusz\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv1key.bak" Sat 22 Mar 2008 20 A..H. --- "C:\Documents and Settings\Mateusz\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv1lic.bak" Tue 11 Mar 2008 9,656 A..H. --- "C:\Documents and Settings\Mateusz\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv2key.bak" [b]Finished![/b]

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2009-06-20 21:03:33 - Run 2 OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Mateusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,36 Mb Total Physical Memory | 640,23 Mb Available Physical Memory | 62,56% Memory free 2,40 Gb Paging File | 2,17 Gb Available in Paging File | 90,09% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 29,17 Gb Free Space | 74,67% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 56,62 Gb Free Space | 96,62% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 44,56 Gb Free Space | 91,26% Space Free | Partition Type: NTFS Drive F: | 39,82 Gb Total Space | 28,10 Gb Free Space | 70,57% Space Free | Partition Type: NTFS Drive G: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OSTROWSK-84F016 Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE PRC - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wscntfy.exe PRC - [2004-01-26 12:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe PRC - [2009-03-24 12:30:46 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-01-30 00:11:32 | 00,052,392 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PRC - [2003-10-16 19:07:10 | 00,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe PRC - [2003-10-16 19:07:12 | 00,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2007-11-14 12:54:24 | 02,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2003-10-16 19:07:12 | 00,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 19:07:10 | 00,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2003-10-16 19:07:12 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2009-06-13 13:09:48 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-04-09 02:55:59 | 01,162,752 | ---- | M] (ikari) -- E:\Program Files\ICeQ\Chat.exe PRC - [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-04-02 12:47:04 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Stopped]) SRV - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-02-25 16:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - File not found -- -- (Nero BackItUp Scheduler 4.0 [Auto | Stopped]) SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running]) SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2003-12-08 12:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Running]) DRV - [2003-12-08 12:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Running]) DRV - [2007-01-25 17:37:16 | 04,027,456 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2009-02-26 00:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - File not found -- -- (catchme [On_Demand | Running]) DRV - [2009-02-17 19:11:30 | 00,024,232 | ---- | M] (Elaborate Bytes AG) -- C:\windows\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running]) DRV - [2006-04-13 02:04:39 | 00,049,664 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,016,496 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,021,568 | ---- | M] (HP) -- C:\windows\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped]) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\windows\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\windows\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2001-08-17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\windows\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped]) DRV - [2009-03-02 13:41:49 | 00,029,184 | ---- | M] (Elaborate Bytes AG) -- C:\windows\system32\DRIVERS\VClone.sys -- (VClone [On_Demand | Running]) DRV - File not found -- -- (win32x [Unknown | Running]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Ask" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=13928&l=dis" FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-03-24 12:30:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-06-14 15:34:20 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-06-20 11:06:08 | 00,000,000 | ---D | M] [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-06-19 21:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions [2009-05-29 21:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009-05-29 21:25:46 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\FireFox\Profiles\dzgluoj0.default\searchplugins\ask.xml [2009-04-03 15:16:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-06-13 13:09:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-06-13 13:09:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-06-13 13:09:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-04-05 13:41:01 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-04-05 13:41:01 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-04-05 13:41:01 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-04-05 13:41:01 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-04-05 13:41:01 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-04-05 13:41:01 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-04-05 13:41:01 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (686 bytes) - C:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (Elaborate Bytes AG) O4 - HKLM..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe (France Télécom R&D) O4 - HKCU..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray (Gadu-Gadu S.A.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming) O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe [FILE handle not seen by OS] O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O29 - HKLM SecurityProviders - (digiwet.dll) - C:\windows\system32\digiwet.dll () O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\AutoRun\command - "" = I:\luk1ylq.com -- File not found O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\open\Command - "" = I:\luk1ylq.com -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-06-20 21:00:00 | 00,000,000 | ---D | M] [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [3 C:\windows\*.tmp files] [2009-06-20 20:26:11 | 00,000,000 | ---D | C] -- C:\windows\ERUNT [2009-06-20 20:18:37 | 00,000,000 | ---D | C] -- C:\SDFix [2009-06-20 20:17:51 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\SDFix.exe [2009-06-20 20:14:07 | 00,055,296 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Seconfig XP.exe [2009-06-20 20:13:41 | 00,038,899 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\SeconfigXP.zip [2009-06-20 20:00:49 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dokumenty\desktop.ini [2009-06-20 20:00:40 | 00,000,000 | -H-D | C] -- C:\windows\$hf_mig$ [2009-06-20 20:00:04 | 02,085,616 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mateusz\Pulpit\WindowsXP-KB894391-x86-PLK.exe [2009-06-20 19:54:36 | 00,051,232 | ---- | C] (gkweb) -- C:\Documents and Settings\Mateusz\Pulpit\wwdc_[www.programosy.pl].exe [2009-06-20 15:50:34 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:23 | 00,359,893 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 15:34:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\wimbledon [2009-06-20 11:06:08 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-20 11:05:56 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009-06-20 11:05:43 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-06-18 12:46:37 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-16 20:02:40 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:35 | 00,768,984 | ---- | C] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-15 22:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Help [2009-06-14 21:26:14 | 00,004,000 | ---- | C] () -- C:\ao.dat [2009-06-13 23:25:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2009-06-11 16:20:38 | 00,496,592 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:02:24 | 00,012,508 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-11 13:55:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-10 17:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-06-08 09:40:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\andrzej.ostrowski5@neostrada.pl [2009-06-08 09:38:44 | 00,032,768 | ---- | C] (France Télécom R&D) -- C:\windows\System32\WooDial2000.dll [2009-06-08 09:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\Neostrada TP [2009-06-07 20:03:30 | 00,081,174 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-06 19:23:27 | 00,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:14:39 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 01,073,082 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 21:33:56 | 00,000,599 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Downloads [2009-05-29 21:26:53 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\AskSearch [2009-05-29 21:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis [2009-05-29 21:20:45 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:45 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009-05-29 21:20:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent [2009-05-29 21:20:38 | 00,274,224 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 21:18:56 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:01 | 00,002,642 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-25 17:30:46 | 00,106,698 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2009-05-24 18:36:47 | 00,000,000 | ---D | C] -- C:\Program Files\Ganymede [2009-05-24 18:36:18 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:02 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:22:42 | 00,000,717 | ---- | C] () -- C:\windows\unins000.dat [2009-04-16 09:42:50 | 00,018,432 | ---- | C] () -- C:\windows\System32\digiwet.dll [2009-04-04 21:09:21 | 00,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll [2009-04-04 21:09:21 | 00,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll [2009-04-04 21:09:21 | 00,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll [2009-03-25 18:58:28 | 00,000,039 | ---- | C] () -- C:\windows\Irremote.ini [2009-03-24 00:20:22 | 00,594,450 | ---- | C] () -- C:\windows\System32\x264vfw.dll [2009-03-24 00:20:22 | 00,217,088 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2009-03-24 00:20:20 | 00,005,120 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2009-03-24 00:20:20 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2009-03-24 00:18:34 | 00,152,064 | ---- | C] () -- C:\windows\System32\unrar.dll [2009-03-24 00:18:34 | 00,019,968 | ---- | C] () -- C:\windows\System32\cpuinf32.dll [2009-03-24 00:18:32 | 00,856,064 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2009-03-23 22:21:36 | 00,000,427 | ---- | C] () -- C:\windows\ODBC.INI [2009-03-23 22:12:22 | 00,000,169 | ---- | C] () -- C:\windows\RtlRack.ini [2009-03-23 22:08:51 | 00,000,164 | ---- | C] () -- C:\windows\avrack.ini [2009-03-23 22:08:42 | 00,147,456 | ---- | C] () -- C:\windows\System32\RtlCPAPI.dll [2009-03-23 21:10:21 | 00,077,824 | R--- | C] () -- C:\windows\System32\HPZIDS01.dll [2009-03-23 21:03:42 | 00,005,606 | ---- | C] () -- C:\windows\System32\stci.dll [2007-11-30 00:30:28 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dtu100.dll.manifest [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dpl100.dll.manifest [2007-11-28 23:52:32 | 00,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll [2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\windows\System32\ieencode.dll [2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\windows\System32\drivers\secdrv.sys [2001-07-21 22:16:20 | 00,000,628 | ---- | C] () -- C:\windows\win.ini [2001-07-21 22:15:52 | 00,000,231 | ---- | C] () -- C:\windows\system.ini [2001-07-07 04:00:02 | 00,003,234 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI [1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\windows\System32\MSRTEDIT.DLL [color=orange]========== Files - Modified Within 30 Days ==========[/color] [1 C:\windows\System32\*.tmp files] [3 C:\windows\*.tmp files] [2009-06-20 20:40:26 | 00,763,990 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2009-06-20 20:40:26 | 00,355,486 | ---- | M] () -- C:\windows\System32\perfh015.dat [2009-06-20 20:40:26 | 00,311,604 | ---- | M] () -- C:\windows\System32\perfh009.dat [2009-06-20 20:40:26 | 00,049,492 | ---- | M] () -- C:\windows\System32\perfc015.dat [2009-06-20 20:40:26 | 00,039,992 | ---- | M] () -- C:\windows\System32\perfc009.dat [2009-06-20 20:36:22 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\desktop.ini [2009-06-20 20:36:21 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2009-06-20 20:36:20 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2009-06-20 20:32:57 | 00,000,686 | ---- | M] () -- C:\windows\System32\drivers\etc\HOSTS [2009-06-20 20:18:15 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\SDFix.exe [2009-06-20 20:13:42 | 00,038,899 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\SeconfigXP.zip [2009-06-20 20:00:49 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dokumenty\desktop.ini [2009-06-20 20:00:33 | 02,085,616 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mateusz\Pulpit\WindowsXP-KB894391-x86-PLK.exe [2009-06-20 19:54:36 | 00,051,232 | ---- | M] (gkweb) -- C:\Documents and Settings\Mateusz\Pulpit\wwdc_[www.programosy.pl].exe [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:28 | 00,359,893 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 11:06:08 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-20 02:46:25 | 00,004,000 | ---- | M] () -- C:\ao.dat [2009-06-18 14:36:03 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-17 09:41:43 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2009-06-16 20:02:41 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:46 | 00,768,984 | ---- | M] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-11 16:21:03 | 00,496,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:03:16 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-11 14:02:40 | 00,012,508 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-08 09:38:44 | 00,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\neostrada tp.lnk [2009-06-07 20:03:31 | 00,081,174 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-07 09:22:52 | 00,116,560 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2009-06-06 19:23:27 | 00,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:25:53 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 22:24:57 | 01,073,082 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 22:15:01 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 00,000,599 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:26:55 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:20:45 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:42 | 00,274,224 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:02 | 00,002,642 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-28 16:59:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-05-25 17:32:10 | 00,106,698 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:36:18 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:06 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:33:32 | 00,000,039 | ---- | M] () -- C:\windows\Irremote.ini [2009-05-23 14:22:43 | 00,000,717 | ---- | M] () -- C:\windows\unins000.dat < End of report >

Dzięki za dotychczasową pomoc.
Można jeszcze coś z tym zrobić, żeby procesor mi tak głośno nie chodził? Mam wrażenie, że ciągle jakieś zbędne procesy są uruchomione.

edit: Nadal pojawiają się błędy IE i przy włączaniu kompa jest komunikat "Nieprawidłowy plik BOOT.INI Rozruch z C:/Windows"

**Posty:** 18165 · przez **wojtas** 21 Cze 2009, 12:27

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digiwet.dll) - C:\windows\system32\digiwet.dll ()
O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\AutoRun\command - "" = I:\luk1ylq.com -- File not found
O33 - MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\Shell\open\Command - "" = I:\luk1ylq.com -- File not found

:Files
C:\Program Files\AskSearch
C:\Program Files\AskBarDis
C:\windows\system32\digiwet.dll

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia kompa

**Posty:** 52 · przez **ostry99** 21 Cze 2009, 14:35

Kod: Zaznacz wszystko: ========== OTL ========== Process explorer.exe killed successfully! Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:digiwet.dll deleted successfully. DllUnregisterServer procedure not found in C:\windows\system32\digiwet.dll C:\windows\system32\digiwet.dll NOT unregistered. C:\windows\system32\digiwet.dll moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d362576f-17dc-11de-b75b-000e5024e946}\ not found. File I:\luk1ylq.com not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d362576f-17dc-11de-b75b-000e5024e946}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d362576f-17dc-11de-b75b-000e5024e946}\ not found. File I:\luk1ylq.com not found. ========== FILES ========== C:\Program Files\AskSearch\bin moved successfully. C:\Program Files\AskSearch moved successfully. C:\Program Files\AskBarDis\bar\Settings moved successfully. C:\Program Files\AskBarDis\bar\History moved successfully. C:\Program Files\AskBarDis\bar\Cache moved successfully. C:\Program Files\AskBarDis\bar\bin moved successfully. C:\Program Files\AskBarDis\bar moved successfully. C:\Program Files\AskBarDis moved successfully. File\Folder C:\windows\system32\digiwet.dll not found. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\"SecurityProviders"|"msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" /E : value set successfully! ========== COMMANDS ========== File delete failed. C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temp\etilqs_9OKNOJLM80bjiYNpHRfB scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\windows\temp\Perflib_Perfdata_650.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. Temp folders emptied. Explorer started successfully OTL by OldTimer - Version 2.1.1.0 log created on 06212009_142720 Files moved on Reboot... File C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temp\etilqs_9OKNOJLM80bjiYNpHRfB not found! File C:\windows\temp\Perflib_Perfdata_650.dat not found! Registry entries deleted on Reboot...

Kod: Zaznacz wszystko: OTL logfile created on: 2009-06-21 14:33:27 - Run 3 OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Mateusz\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,36 Mb Total Physical Memory | 694,00 Mb Available Physical Memory | 67,82% Memory free 2,40 Gb Paging File | 2,19 Gb Available in Paging File | 90,91% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 29,58 Gb Free Space | 75,74% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 56,62 Gb Free Space | 96,62% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 44,56 Gb Free Space | 91,26% Space Free | Partition Type: NTFS Drive F: | 39,82 Gb Total Space | 28,10 Gb Free Space | 70,57% Space Free | Partition Type: NTFS Drive G: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OSTROWSK-84F016 Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe PRC - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\windows\Explorer.EXE PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wscntfy.exe PRC - [2004-08-04 00:44:26 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\windows\notepad.exe PRC - [2004-01-26 12:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe PRC - [2009-03-24 12:30:46 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-01-30 00:11:32 | 00,052,392 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PRC - [2003-10-16 19:07:10 | 00,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe PRC - [2003-10-16 19:07:12 | 00,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2007-11-14 12:54:24 | 02,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2009-06-13 13:09:48 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2003-10-16 19:07:12 | 00,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 19:07:10 | 00,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2003-10-16 19:07:12 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - File not found -- -- (ASKUpgrade [Auto | Stopped]) SRV - [2009-02-25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) SRV - [2009-02-25 16:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped]) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-03-24 12:30:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - File not found -- -- (Nero BackItUp Scheduler 4.0 [Auto | Stopped]) SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running]) SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2003-12-08 12:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Running]) DRV - [2003-12-08 12:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\windows\system32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Running]) DRV - [2007-01-25 17:37:16 | 04,027,456 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2009-02-26 00:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) DRV - [2009-02-17 19:11:30 | 00,024,232 | ---- | M] (Elaborate Bytes AG) -- C:\windows\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running]) DRV - [2006-04-13 02:04:39 | 00,049,664 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,016,496 | R--- | M] (HP) -- C:\windows\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped]) DRV - [2006-04-13 02:04:39 | 00,021,568 | ---- | M] (HP) -- C:\windows\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped]) DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\windows\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\windows\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\windows\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2001-08-17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\windows\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped]) DRV - [2009-03-02 13:41:49 | 00,029,184 | ---- | M] (Elaborate Bytes AG) -- C:\windows\system32\DRIVERS\VClone.sys -- (VClone [On_Demand | Running]) DRV - File not found -- -- (win32x [Unknown | Running]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Ask" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=13928&l=dis" FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11 FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-03-24 12:30:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-06-14 15:34:20 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-06-20 11:06:08 | 00,000,000 | ---D | M] [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions [2009-04-03 15:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-06-20 23:05:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions [2009-05-29 21:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mozilla\Firefox\Profiles\dzgluoj0.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009-05-29 21:25:46 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\FireFox\Profiles\dzgluoj0.default\searchplugins\ask.xml [2009-04-03 15:16:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-06-13 13:09:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-06-13 13:09:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-06-13 13:09:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-04-05 13:41:01 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-04-05 13:41:01 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-04-05 13:41:01 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-04-05 13:41:01 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-04-05 13:41:01 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-04-05 13:41:01 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-04-05 13:41:01 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (686 bytes) - C:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (Elaborate Bytes AG) O4 - HKLM..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe (France Télécom R&D) O4 - HKCU..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray (Gadu-Gadu S.A.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming) O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe [FILE handle not seen by OS] O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-06-20 21:00:00 | 00,000,000 | ---D | M] [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [3 C:\windows\*.tmp files] [2009-06-21 14:30:21 | 00,000,000 | ---D | C] -- C:\Program Files\AskBardis [2009-06-21 14:27:20 | 00,000,000 | ---D | C] -- C:\_OTL [2009-06-20 20:26:11 | 00,000,000 | ---D | C] -- C:\windows\ERUNT [2009-06-20 20:18:37 | 00,000,000 | ---D | C] -- C:\SDFix [2009-06-20 20:17:51 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\SDFix.exe [2009-06-20 20:14:07 | 00,055,296 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Seconfig XP.exe [2009-06-20 20:13:41 | 00,038,899 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\SeconfigXP.zip [2009-06-20 20:00:49 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dokumenty\desktop.ini [2009-06-20 20:00:40 | 00,000,000 | -H-D | C] -- C:\windows\$hf_mig$ [2009-06-20 20:00:04 | 02,085,616 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mateusz\Pulpit\WindowsXP-KB894391-x86-PLK.exe [2009-06-20 19:54:36 | 00,051,232 | ---- | C] (gkweb) -- C:\Documents and Settings\Mateusz\Pulpit\wwdc_[www.programosy.pl].exe [2009-06-20 15:50:34 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:23 | 00,359,893 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 15:34:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\wimbledon [2009-06-20 11:06:08 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-20 11:05:56 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009-06-20 11:05:43 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009-06-18 12:46:37 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-16 20:02:40 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:35 | 00,768,984 | ---- | C] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-15 22:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Help [2009-06-14 21:26:14 | 00,004,000 | ---- | C] () -- C:\ao.dat [2009-06-13 23:25:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2009-06-11 16:20:38 | 00,496,592 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:02:24 | 00,012,508 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-11 13:55:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-10 17:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-06-08 09:40:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\andrzej.ostrowski5@neostrada.pl [2009-06-08 09:38:44 | 00,032,768 | ---- | C] (France Télécom R&D) -- C:\windows\System32\WooDial2000.dll [2009-06-08 09:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\Neostrada TP [2009-06-07 20:03:30 | 00,081,174 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-06 19:23:27 | 00,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:14:39 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 01,073,082 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 21:33:56 | 00,000,599 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Downloads [2009-05-29 21:26:53 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:20:45 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:45 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009-05-29 21:20:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent [2009-05-29 21:20:38 | 00,274,224 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 01,536,596 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 21:18:56 | 00,001,237 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:01 | 00,002,642 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-25 17:30:46 | 00,106,698 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2009-05-24 18:36:47 | 00,000,000 | ---D | C] -- C:\Program Files\Ganymede [2009-05-24 18:36:18 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:02 | 00,390,056 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:22:42 | 00,000,717 | ---- | C] () -- C:\windows\unins000.dat [2009-04-04 21:09:21 | 00,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll [2009-04-04 21:09:21 | 00,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll [2009-04-04 21:09:21 | 00,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll [2009-03-25 18:58:28 | 00,000,039 | ---- | C] () -- C:\windows\Irremote.ini [2009-03-24 00:20:22 | 00,594,450 | ---- | C] () -- C:\windows\System32\x264vfw.dll [2009-03-24 00:20:22 | 00,217,088 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2009-03-24 00:20:20 | 00,005,120 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2009-03-24 00:20:20 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2009-03-24 00:18:34 | 00,152,064 | ---- | C] () -- C:\windows\System32\unrar.dll [2009-03-24 00:18:34 | 00,019,968 | ---- | C] () -- C:\windows\System32\cpuinf32.dll [2009-03-24 00:18:32 | 00,856,064 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2009-03-23 22:21:36 | 00,000,427 | ---- | C] () -- C:\windows\ODBC.INI [2009-03-23 22:12:22 | 00,000,169 | ---- | C] () -- C:\windows\RtlRack.ini [2009-03-23 22:08:51 | 00,000,164 | ---- | C] () -- C:\windows\avrack.ini [2009-03-23 22:08:42 | 00,147,456 | ---- | C] () -- C:\windows\System32\RtlCPAPI.dll [2009-03-23 21:10:21 | 00,077,824 | R--- | C] () -- C:\windows\System32\HPZIDS01.dll [2009-03-23 21:03:42 | 00,005,606 | ---- | C] () -- C:\windows\System32\stci.dll [2007-11-30 00:30:28 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dtu100.dll.manifest [2007-11-30 00:28:24 | 00,000,416 | ---- | C] () -- C:\windows\System32\dpl100.dll.manifest [2007-11-28 23:52:32 | 00,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll [2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\windows\System32\ieencode.dll [2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\windows\System32\drivers\secdrv.sys [2001-07-21 22:16:20 | 00,000,628 | ---- | C] () -- C:\windows\win.ini [2001-07-21 22:15:52 | 00,000,231 | ---- | C] () -- C:\windows\system.ini [2001-07-07 04:00:02 | 00,003,234 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI [1999-01-22 18:46:58 | 00,065,536 | ---- | C] () -- C:\windows\System32\MSRTEDIT.DLL [color=orange]========== Files - Modified Within 30 Days ==========[/color] [1 C:\windows\System32\*.tmp files] [3 C:\windows\*.tmp files] [2009-06-21 14:31:23 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\desktop.ini [2009-06-21 14:31:23 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2009-06-21 14:31:21 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2009-06-21 14:21:57 | 00,763,990 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2009-06-21 14:21:57 | 00,355,486 | ---- | M] () -- C:\windows\System32\perfh015.dat [2009-06-21 14:21:57 | 00,311,604 | ---- | M] () -- C:\windows\System32\perfh009.dat [2009-06-21 14:21:57 | 00,049,492 | ---- | M] () -- C:\windows\System32\perfc015.dat [2009-06-21 14:21:57 | 00,039,992 | ---- | M] () -- C:\windows\System32\perfc009.dat [2009-06-20 21:22:52 | 00,004,000 | ---- | M] () -- C:\ao.dat [2009-06-20 20:32:57 | 00,000,686 | ---- | M] () -- C:\windows\System32\drivers\etc\HOSTS [2009-06-20 20:18:15 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\SDFix.exe [2009-06-20 20:13:42 | 00,038,899 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\SeconfigXP.zip [2009-06-20 20:00:49 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dokumenty\desktop.ini [2009-06-20 20:00:33 | 02,085,616 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mateusz\Pulpit\WindowsXP-KB894391-x86-PLK.exe [2009-06-20 19:54:36 | 00,051,232 | ---- | M] (gkweb) -- C:\Documents and Settings\Mateusz\Pulpit\wwdc_[www.programosy.pl].exe [2009-06-20 15:50:40 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe [2009-06-20 15:42:28 | 00,359,893 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\dds.pif [2009-06-20 11:06:08 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-06-18 14:36:03 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\kuba.xls [2009-06-17 09:41:43 | 00,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl [2009-06-16 20:02:41 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\ID Partnera.doc [2009-06-16 19:51:46 | 00,768,984 | ---- | M] (DialCom24) -- C:\Documents and Settings\Mateusz\Pulpit\bankbrowser_3_5.exe [2009-06-11 16:21:03 | 00,496,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\file_utilities_2007-08-03_cm0304_cm-scout_v3.10.zip [2009-06-11 14:03:16 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG [2009-06-11 14:02:40 | 00,012,508 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i [2009-06-11 14:02:24 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012i.sha [2009-06-11 13:55:12 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\IMG_0012.JPG.sha [2009-06-08 09:38:44 | 00,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\neostrada tp.lnk [2009-06-07 20:03:31 | 00,081,174 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\1e.jpg [2009-06-07 09:22:52 | 00,116,560 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2009-06-06 19:23:27 | 00,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Championship Manager 03-04.lnk [2009-06-04 14:38:59 | 00,000,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\tysiąc (majki).URL [2009-05-29 22:25:53 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf [2009-05-29 22:24:57 | 01,073,082 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar [2009-05-29 22:15:01 | 01,536,596 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego_mezczyzni_kochaja_zolzy.pdf [2009-05-29 21:33:56 | 00,000,599 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\paczka 2.rar.torrent [2009-05-29 21:26:55 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Sherry_Argov_-_Dlaczego_mezczyzni_kochaja_zolzy_[PL]_[ pdf][Torrenty[1].org].torrent [2009-05-29 21:20:45 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\µTorrent.lnk [2009-05-29 21:20:42 | 00,274,224 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Mateusz\Pulpit\utorrent.exe [2009-05-29 21:18:56 | 00,001,237 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Dlaczego mezczyzni kochaja zolzy.pdf.torrent [2009-05-28 22:23:02 | 00,002,642 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Maria.rtf [2009-05-28 16:59:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Nowy Dokument programu Microsoft Word.doc [2009-05-25 17:32:10 | 00,106,698 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\przedszkole.jpg [2009-05-24 18:36:18 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8(2).exe [2009-05-24 18:36:06 | 00,390,056 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\billiards_install_1_0_1_8.exe [2009-05-23 19:45:05 | 00,007,055 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\d.rtf [2009-05-23 14:33:32 | 00,000,039 | ---- | M] () -- C:\windows\Irremote.ini [2009-05-23 14:22:43 | 00,000,717 | ---- | M] () -- C:\windows\unins000.dat < End of report >

**Posty:** 18165 · przez **wojtas** 21 Cze 2009, 15:02

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
4. Wykonaj skan Dr. Web CureIt
5. Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym (skasuj co znajdzie)

Malwarebytes Anti-Malware

**Posty:** 52 · przez **ostry99** 21 Cze 2009, 19:20

Kod: Zaznacz wszystko: -------------------------------------------------------------------------------- RAPORT KASPERSKY ONLINE SCANNER 7.0 niedziela, 21 czerwiec 2009 System operacyjny: Microsoft Windows XP Professional Dodatek Service Pack 2 (build 2600) Wersja Kaspersky Online Scanner: 7.0.26.12 Data ostatniej aktualizacji bazy danych: Sunday, June 21, 2009 16:18:11 Liczba wpisów: 2374281 -------------------------------------------------------------------------------- Ustawienia skanowania: Typ bazy danych użytej do skanowania: rozszerzona Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Mój komputer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Statystyki skanowania: Przeskanowanych plików: 77322 Nazwa zagrożenia: 4 Zainfekowanych obiektów: 48 Podejrzanych obiektów: 0 Czas skanowania: 01:56:57 Nazwa pliku / Nazwa zagrożenia / Liczba zagrożeń C:\Documents and Settings\Mateusz\file.exe Zainfekowany: Trojan-Downloader.Win32.Injecter.crf 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA2V01A3.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA2V01SL.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA3JT90E.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA3JT9CE.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA3JT9OE.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA3U94XZ.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA67KXYZ.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA6JKX2N.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA8DE5ZG.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA8XK7WR.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA9DBF7B.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA9JBL4W.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CA9JBLSW.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CACD834N.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CACJ29I5.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CACPY15U.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CACVZ3MW.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAFJTXWE.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAGB5ZUA.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAGTWZCJ.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAI70HO1.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAI7OT0D.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAIBCP41.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAKAN5DO.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CANDPFD3.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAO7ZRAK.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAODQ3S5.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAOJ2XQ5.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAOP2XPQ.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAOVQXGN.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAQ7SPUX.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CARJTLSE.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CASNNNIG.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CATGVMF3.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAUJK9IN.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAWDA9FK.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAWDMXLQ.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAWDYLRW.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAWLKJ83.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAX4ZUJN.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAXDZF7N.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I8IHVPSK\CAYJ0521.exe Zainfekowany: Trojan-Downloader.Win32.Agent.bryu 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QYN597T3\741l3[1].exe Zainfekowany: Backdoor.Win32.KeyStart.ch 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QYN597T3\741l3[2].exe Zainfekowany: Backdoor.Win32.KeyStart.ch 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\X5ML969T\741l3[1].exe Zainfekowany: Backdoor.Win32.KeyStart.ch 1 C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\X5ML969T\741l3[2].exe Zainfekowany: Backdoor.Win32.KeyStart.ch 1 F:\PROGRAMY\nowe\BearShareV6pl.exe Zainfekowany: not-a-virus:AdWare.Win32.Mostofate.j 1 Wybrany obszar został przeskanowany.

**Posty:** 18165 · przez **wojtas** 21 Cze 2009, 20:47

C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files

oproznij ten folder