Windows seciurity alert

[aparat5]

Witam

Przeglądając dziś internet wyskoczyło mi jakieś okienko że niby z windowsa głupi niechcąco nacisłem tak i po chwili net znikł,a pojawił się program Windows Seciurity Alert który powoduje brak neta,nie pozwala uruchomić żadnego programu itp ;/ teraz pisze z innego kompa bo na tamtym neta nie ma,czytałem trochę w necie o tym programie jak go usunąć ale nic szczególnego nie znalazłem,wie ktoś jak się pozbyć tego dziadostwa?

Dzięki wszystkim za pomoc
Pozdro

[lamar]

Zastosuj się do zasad wstawiania logów
obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html

Zobacz jeszcze ten temat - windows-security-alert-antispyware-soft-demo-vp894154.html

Autor postu otrzymał pochwałę

[aparat5]

Ok postaram się zaraz wstawić logi.Narazie zainstalowałem SpyBot oraz Anti-Malware i dałem najdokładniejsze przeszukowanie kompa w znalezieniu trojanów i znalazło kilka trojanów ukrytych które musiałem usunąć,dałem ponowne przeszukanie i nic już nie znalazło trojan windows seciurity alert już się nie włącza,ale teraz jest inny problem pomimo tego że normalnie łącze się z internetem pokazuje niby że jestemn połączony to pomimo tego żadna strona niechce się wczytać wie ktoś może dlaczego?Postaram się wstawić logi.Dzięki za pomoc

Kod: Zaznacz wszystko

OTL logfile created on: 2010-08-07 15:58:13 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = G:\
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,30 Gb Total Space | 0,70 Gb Free Space | 2,37% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 43,69 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive E: | 132,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 3,76 Gb Total Space | 1,54 Gb Free Space | 40,96% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BARTEK-PC
Current User Name: Bartek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-08-07 15:50:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2010-07-28 15:49:04 | 001,935,656 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2010-07-26 09:39:54 | 003,634,568 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2010-07-21 14:55:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgemc.exe
PRC - [2010-07-16 10:29:58 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgtray.exe
PRC - [2010-07-16 10:29:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgwdsvc.exe
PRC - [2010-07-16 10:29:24 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgcsrvx.exe
PRC - [2010-07-11 15:40:53 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Bartek\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010-05-12 22:22:20 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
PRC - [2010-01-28 13:47:44 | 001,737,464 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-07 15:50:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
MOD - [2010-05-09 18:50:02 | 000,212,896 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2008-01-21 03:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-21 03:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2008-01-21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-07-28 15:49:04 | 001,935,656 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010-07-21 14:55:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-07-16 10:29:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-01-28 13:47:44 | 001,737,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:[b]64bit:[/b] - [2010-07-16 10:29:57 | 000,317,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:[b]64bit:[/b] - [2010-07-16 10:29:25 | 000,269,904 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:[b]64bit:[/b] - [2010-06-03 11:17:04 | 000,035,536 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:[b]64bit:[/b] - [2010-03-08 13:46:47 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-03-08 13:46:46 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,011,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009-12-30 12:21:24 | 000,031,800 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2008-05-05 17:41:56 | 000,115,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2008-01-21 03:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2007-06-01 18:37:00 | 001,037,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WG111Tvx.sys -- (WG111T)
DRV:[b]64bit:[/b] - [2006-11-28 21:46:20 | 000,043,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:[b]64bit:[/b] - [2006-11-28 21:46:20 | 000,041,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:[b]64bit:[/b] - [2006-10-10 03:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2006-09-18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010-06-28 14:13:34 | 000,082,696 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2010-05-15 12:37:28 | 000,045,640 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2010-05-05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm






IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.7
FF - prefs.js..extensions.enabledItems: {42B0B1DA-C777-49D2-878A-6CB018591588}:1.9.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-08-07 15:39:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-08-07 15:39:02 | 000,000,000 | ---D | M]

[2010-08-07 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Extensions
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions\staged-xpis
[2010-08-07 15:39:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-07-23 01:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-23 01:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-23 01:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-23 01:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-23 01:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 01:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-07 10:33:01 | 000,000,671 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programy\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programy\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [a-squared] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [AVG9_TRAY] D:\Programy\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3723006670-1336882742-666809018-1000..\Run: [Jjivudajug] C:\Users\Bartek\AppData\Local\itadajakucuraqil.DLL File not found
O4 - HKU\S-1-5-21-3723006670-1336882742-666809018-1000..\Run: [Ygafeseh] C:\Users\Bartek\AppData\Local\miakshl.DLL File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:[b]64bit:[/b] - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:[b]64bit:[/b] - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\Shell - "" = AutoRun
O33 - MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\Shell - "" = AutoRun
O33 - MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\Shell - "" = AutoRun
O33 - MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-07 15:39:37 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\Mozilla
[2010-08-07 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-07 14:22:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010-08-07 14:22:09 | 000,000,000 | ---D | C] -- C:\Users\Bartek\Documents\Anti-Malware
[2010-08-07 12:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-08-07 12:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010-08-07 11:01:09 | 000,000,000 | ---D | C] -- C:\SDFix
[2010-08-07 09:45:44 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Local\dkdwqnmjl
[2010-08-06 11:07:43 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Local\{42B0B1DA-C777-49D2-878A-6CB018591588}
[2010-07-26 19:42:13 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Local\VS Revo Group
[2010-07-26 19:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010-07-26 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010-07-26 19:31:48 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\GlarySoft
[2010-07-26 19:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Absolute Uninstaller
[2010-07-25 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[1 C:\Users\Bartek\AppData\Local\*.tmp files -> C:\Users\Bartek\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-07 15:57:12 | 001,835,008 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT
[2010-08-07 15:49:37 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 15:49:37 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 15:45:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723006670-1336882742-666809018-1000UA.job
[2010-08-07 15:45:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723006670-1336882742-666809018-1000Core.job
[2010-08-07 15:43:14 | 001,468,980 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-08-07 15:43:14 | 000,661,818 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-08-07 15:43:14 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-08-07 15:43:14 | 000,126,702 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-08-07 15:43:14 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-08-07 15:39:05 | 000,001,738 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-07 15:36:39 | 000,110,822 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-08-07 15:36:39 | 000,110,822 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-08-07 15:36:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-08-07 15:35:26 | 000,524,288 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT{90580421-5e06-11df-a3cc-8b5f6f0e8ddc}.TMContainer00000000000000000001.regtrans-ms
[2010-08-07 15:35:26 | 000,065,536 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT{90580421-5e06-11df-a3cc-8b5f6f0e8ddc}.TM.blf
[2010-08-07 15:35:24 | 002,223,738 | -H-- | M] () -- C:\Users\Bartek\AppData\Local\IconCache.db
[2010-08-07 14:22:26 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-08-07 14:04:02 | 063,040,759 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010-08-07 10:53:36 | 000,057,856 | ---- | M] () -- C:\Users\Bartek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-07 10:29:27 | 000,237,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-07 09:20:09 | 000,000,000 | ---- | M] () -- C:\Users\Bartek\AppData\Local\Graqakecofezip.bin
[2010-08-07 09:20:08 | 000,000,120 | ---- | M] () -- C:\Users\Bartek\AppData\Local\Nwiyijohapuhid.dat
[2010-08-05 22:13:31 | 000,000,197 | ---- | M] () -- C:\Users\Bartek\Desktop\licytacja.rar
[2010-07-25 18:21:09 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\FMM 2.25.lnk
[2010-07-24 23:42:52 | 000,000,024 | ---- | M] () -- C:\Users\Bartek\AppData\Roaming\hwzypv.dat
[2010-07-24 23:42:36 | 000,000,004 | ---- | M] () -- C:\Users\Bartek\AppData\Roaming\avdrn.dat
[2010-07-16 10:29:57 | 000,317,520 | ---- | M] () -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010-07-16 10:29:56 | 000,013,048 | ---- | M] () -- C:\Windows\SysNative\avgrssta.dll
[2010-07-16 10:29:25 | 000,269,904 | ---- | M] () -- C:\Windows\SysNative\drivers\avgldx64.sys
[1 C:\Users\Bartek\AppData\Local\*.tmp files -> C:\Users\Bartek\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-07 15:39:05 | 000,001,738 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-07 14:22:26 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-08-05 22:13:31 | 000,000,197 | ---- | C] () -- C:\Users\Bartek\Desktop\licytacja.rar
[2010-07-26 19:42:10 | 000,031,800 | ---- | C] () -- C:\Windows\SysNative\drivers\revoflt.sys
[2010-07-24 23:44:34 | 000,000,120 | ---- | C] () -- C:\Users\Bartek\AppData\Local\Nwiyijohapuhid.dat
[2010-07-24 23:44:34 | 000,000,000 | ---- | C] () -- C:\Users\Bartek\AppData\Local\Graqakecofezip.bin
[2010-07-24 23:42:52 | 000,000,024 | ---- | C] () -- C:\Users\Bartek\AppData\Roaming\hwzypv.dat
[2010-07-24 23:42:36 | 000,000,004 | ---- | C] () -- C:\Users\Bartek\AppData\Roaming\avdrn.dat
[2010-07-16 10:29:56 | 000,013,048 | ---- | C] () -- C:\Windows\SysNative\avgrssta.dll
[2010-02-11 12:45:12 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-02-11 12:45:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-02-11 12:45:11 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-02-11 12:45:11 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-02-11 12:45:10 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-02-11 12:45:10 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010-01-19 12:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\SysWow64\RemoveDevice.dll
[2008-01-21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008-01-21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-21 00:37:57 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Ashampoo
[2010-05-13 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Birdstep Technology
[2010-05-12 21:53:30 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Bytemobile
[2010-05-26 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\DMCache
[2010-03-08 13:56:44 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Games
[2010-07-26 19:31:48 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\GlarySoft
[2010-06-23 14:27:57 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\HCM Updater
[2010-05-18 11:46:18 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\IDM
[2010-07-21 11:08:23 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Nowe Gadu-Gadu
[2010-03-10 23:29:34 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\OpenFM
[2010-08-07 14:38:45 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Sports Interactive
[2010-08-07 15:35:34 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >


Kod: Zaznacz wszystko

OTL Extras logfile created on: 2010-08-07 15:58:13 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = G:\
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,30 Gb Total Space | 0,70 Gb Free Space | 2,37% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 43,69 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive E: | 132,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 3,76 Gb Total Space | 1,54 Gb Free Space | 40,96% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BARTEK-PC
Current User Name: Bartek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B15FF5-40C5-4667-A439-8287ED5E79EB}" = protocol=17 | dir=in | app=d:\gry\football manager 10\fm.exe |
"{4BAEFBE3-A2D8-49C8-88AB-0672D13DC5C3}" = dir=in | app=d:\programy\avg9\avgupd.exe |
"{4EF507E1-A907-4CEA-A80D-F48D8959B376}" = protocol=6 | dir=in | app=d:\gry\fm 2010\fm.exe |
"{AA4199BF-0977-4270-8F6A-B5851C146DB7}" = protocol=17 | dir=in | app=d:\gry\fm 2010\fm.exe |
"{BD81B71D-00E6-4A71-A681-2B9B60B7811A}" = protocol=17 | dir=in | app=d:\gry\fm 2008\fm.exe |
"{D62B18AA-1F2D-4AFA-8960-6FA0E33ACC5A}" = dir=in | app=d:\programy\avg9\avgemc.exe |
"{DA892961-9740-421E-A599-21A57A664608}" = dir=in | app=d:\programy\avg9\avgnsa.exe |
"{E62795CE-A6BF-48E5-BBA3-1D54545EF8AD}" = protocol=6 | dir=in | app=d:\gry\fm 2008\fm.exe |
"{EC60098C-B882-4674-8204-CC675D4F8459}" = protocol=6 | dir=in | app=d:\gry\football manager 10\fm.exe |
"{FB03F143-622D-4F9C-B5F3-A34A71C9FD57}" = protocol=17 | dir=in | app=d:\gry\fm 10\fm.exe |
"{FCE6296F-9864-4611-B1C3-0D6EB9F9B958}" = protocol=6 | dir=in | app=d:\gry\fm 10\fm.exe |
"TCP Query User{0940D0E2-7672-44B0-86C7-CA1926F3FBFD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{298AC46E-54C8-4C0E-A0F9-9D20A8768B56}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{31DC366C-E338-4FC0-A4AE-70CE2F03D86E}D:\programy\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=d:\programy\nowe gadu-gadu\gg.exe |
"TCP Query User{4A271A2D-C88C-49D1-BDFA-12D41E55B3F0}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{89F46420-0087-411E-8CE7-6A8F8E00F344}D:\programy\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=d:\programy\nowe gadu-gadu\gg.exe |
"TCP Query User{B163C76D-33AA-4A53-B415-10096A84A37A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{598C23CC-B32F-42BD-96DB-60ACE12FA631}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{6A97A32D-7BF0-4FA5-95F8-79E2C3AB8BF1}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{D7EDA944-D54E-493A-AEC0-39640155AF10}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{DC8EEC7C-A665-44A7-867D-83C1E477DD8A}D:\programy\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=d:\programy\nowe gadu-gadu\gg.exe |
"UDP Query User{E061C453-FAC0-4BE2-92C4-B05A204EC389}D:\programy\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=d:\programy\nowe gadu-gadu\gg.exe |
"UDP Query User{E380E697-A214-4761-978F-8DE12A9FDEAB}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.3
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3F64C088-9A45-41B3-8B99-71AFAB720A56}" = Sherlock Holmes kontra Kuba Rozpruwacz
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{51123D42-6B9C-4B93-900C-29F9EC5963C9}" = NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
"{6AC940FC-0A75-49C4-B8D5-BC6D2B67520F}" = FMRTE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A05BE20E-6510-44BC-95ED-6E6D730407D3}" = Vplayer
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{AE86AE81-CD7F-496F-A39F-0210C985E71B}" = FM Modifier 2.25
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"Absolute Uninstaller_is1" = Absolute Uninstaller 2.8.0.636
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo BurnYa! AudioCD 2" = Ashampoo BurnYa! AudioCD 2
"AVG9Uninstall" = AVG Free 9.0
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"CSI - Deadly Intent" = CSI - Deadly Intent
"EA Download Manager" = EA Download Manager
"Easy Music CD Burner" = Easy Music CD Burner
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0
"FIFA MANAGER 10" = FIFA MANAGER 10
"Football Manager 2008" = Football Manager 2008
"Football Manager 2010" = Football Manager 2010
"HD Tune_is1" = HD Tune 2.55
"Internet Download Manager" = Internet Download Manager
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"New Star Soccer 2" = New Star Soccer 2
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"RealAlt_is1" = Real Alternative 2.0.1
"Revo Uninstaller" = Revo Uninstaller 1.89
"web'n'walk Manager" = web'n'walk Manager
"Winamp" = Winamp
"ZTE_1.2059.0.8" = ZTE_1.2059.0.8

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-08-07 06:02:44 | Computer Name = Bartek-PC | Source = EventSystem | ID = 4609
Description =

Error - 2010-08-07 06:03:23 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 06:50:01 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 06:55:45 | Computer Name = Bartek-PC | Source = EventSystem | ID = 4609
Description =

Error - 2010-08-07 06:56:03 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 07:49:27 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 08:23:03 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 08:52:20 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-08-07 09:21:03 | Computer Name = Bartek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd SpywareTerminatorSetup.tmp, wersja 51.49.0.0,
sygnatura czasowa 0x2a425e19, moduł powodujący błąd DownLib.dll_unloaded, wersja
0.0.0.0, sygnatura czasowa 0x48e4f62c, kod wyjątku 0xc0000005, przesunięcie błędu
0x028a5751,  identyfikator procesu 0xd54, godzina rozpoczęcia aplikacji 0x01cb36331226a281.

Error - 2010-08-07 10:37:01 | Computer Name = Bartek-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2010-03-11 06:02:19 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-03-11 06:03:47 | Computer Name = Bartek-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2010-03-11 14:33:33 | Computer Name = Bartek-PC | Source = WG111T | ID = 5003
Description = NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter: nie można odnaleźć
karty sieciowej.

Error - 2010-03-11 14:33:51 | Computer Name = Bartek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 19:31:08 na 2010-03-11 było nieoczekiwane.

Error - 2010-03-11 14:34:20 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-03-11 18:29:00 | Computer Name = Bartek-PC | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error - 2010-03-12 07:35:37 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-03-13 05:49:06 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-03-13 08:48:49 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-03-13 19:24:23 | Computer Name = Bartek-PC | Source = HTTP | ID = 15016
Description =


< End of report >


[wojtas]

te plik/i :

C:\Windows\SysNative\drivers\revoflt.sys

przeskanuj tu
http://virusscan.jotti.org/
http://www.virustotal.com/

i daj raporty ze skanow

Uruchom OTL i w sekcji własne opcje skanowania / skrypt (Custom Scans/Fixes) wklej:

:OTL
O4 - HKU\S-1-5-21-3723006670-1336882742-666809018-1000..\Run: [Jjivudajug] C:\Users\Bartek\AppData\Local\itadajakucuraqil.DLL File not found
O4 - HKU\S-1-5-21-3723006670-1336882742-666809018-1000..\Run: [Ygafeseh] C:\Users\Bartek\AppData\Local\miakshl.DLL File not found
O33 - MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\Shell - "" = AutoRun
O33 - MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\Shell - "" = AutoRun
O33 - MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\Shell - "" = AutoRun
O33 - MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found

:Files
C:\Users\Bartek\AppData\Local\dkdwqnmjl
C:\Users\Bartek\AppData\Local\Graqakecofezip.bin
C:\Users\Bartek\AppData\Local\Nwiyijohapuhid.dat
C:\Users\Bartek\AppData\Roaming\hwzypv.dat
C:\Users\Bartek\AppData\Roaming\avdrn.dat

:Commands
[emptytemp]
[emptyflash]
[clearallrestorepoints]

Kliknij wykonaj skrypt (Run Fix). I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia komputera + raport ze skanu pliku + Brakujacy loga z Gmera

[aparat5]

Ok zrobię tak jak mówisz tylko mam 2 pytania,a skanu tego pliku niestety nie mogę zrobić ponieważ pomimo że nie wyskakuje mi nic i według ikonki jestem normalnie połączony z internetem,nie mogę połączyć się z żadną stroną,a piszę ciąglę z innego kompa.A moje 2 pytania to:
-Jak zrobić raport z czyszczenia kompa oraz jak mogę zrobić log z Gmera bo tam pisze że to dla systemu 32 bity ja natomiast mam Viste 64 bity.

[wojtas]

to w takim razie Gmera odpuść , raport z czyszczenia sam wyskoczy, skanu pliku narazie nie rób zrób co możesz i pisz jak sytuacja i daj tez nowe logi

Autor postu otrzymał pochwałę

[aparat5]

Raport z błędów:

Kod: Zaznacz wszystko

========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Jjivudajug not found.
Registry value HKEY_USERS\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ygafeseh not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2eeaff99-5e9a-11df-a8a7-943f78b1f4d0}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50b5df6f-5e08-11df-a804-b9bf64fc19a1}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5d6aca0f-5e05-11df-af08-d1993e1247d1}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c689544-5e0d-11df-8c54-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c689544-5e0d-11df-8c54-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c689544-5e0d-11df-8c54-806e6f6e6963}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9a132b6-16eb-11df-bcf5-806e6f6e6963}\ not found.
File E:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9a132b7-16eb-11df-bcf5-806e6f6e6963}\ not found.
File F:\autorun.exe not found.
========== FILES ==========
File\Folder C:\Users\Bartek\AppData\Local\dkdwqnmjl not found.
File\Folder C:\Users\Bartek\AppData\Local\Graqakecofezip.bin not found.
File\Folder C:\Users\Bartek\AppData\Local\Nwiyijohapuhid.dat not found.
File\Folder C:\Users\Bartek\AppData\Roaming\hwzypv.dat not found.
File\Folder C:\Users\Bartek\AppData\Roaming\avdrn.dat not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bartek
->Temp folder emptied: 32121 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: All Users

User: Bartek
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.9.1 log created on 08072010_184514

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI2HIYU6\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUIO8QHD\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN103LF2\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2EXTITY3\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Nowy Log OTL:

Kod: Zaznacz wszystko

OTL logfile created on: 2010-08-07 18:48:35 - Run 3
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Bartek\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 75,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,30 Gb Total Space | 1,02 Gb Free Space | 3,50% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 43,69 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,76 Gb Total Space | 1,54 Gb Free Space | 40,96% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BARTEK-PC
Current User Name: Bartek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-08-07 15:50:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
PRC - [2010-07-28 15:49:04 | 001,935,656 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2010-07-21 14:55:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgemc.exe
PRC - [2010-07-16 10:29:58 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgtray.exe
PRC - [2010-07-16 10:29:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgwdsvc.exe
PRC - [2010-07-16 10:29:24 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG9\avgcsrvx.exe
PRC - [2010-07-11 15:40:53 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Bartek\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010-05-12 22:22:20 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
PRC - [2010-01-28 13:47:44 | 001,737,464 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-07 15:50:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
MOD - [2010-05-09 18:50:02 | 000,212,896 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2008-01-21 03:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-21 03:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2008-01-21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-07-28 15:49:04 | 001,935,656 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010-07-21 14:55:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-07-16 10:29:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-01-28 13:47:44 | 001,737,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:[b]64bit:[/b] - [2010-07-16 10:29:57 | 000,317,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:[b]64bit:[/b] - [2010-07-16 10:29:25 | 000,269,904 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:[b]64bit:[/b] - [2010-06-03 11:17:04 | 000,035,536 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:[b]64bit:[/b] - [2010-03-08 13:46:47 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-03-08 13:46:46 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,119,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2010-01-19 12:49:52 | 000,011,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009-12-30 12:21:24 | 000,031,800 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2008-05-05 17:41:56 | 000,115,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2008-01-21 03:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2007-06-01 18:37:00 | 001,037,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WG111Tvx.sys -- (WG111T)
DRV:[b]64bit:[/b] - [2006-11-28 21:46:20 | 000,043,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:[b]64bit:[/b] - [2006-11-28 21:46:20 | 000,041,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:[b]64bit:[/b] - [2006-10-10 03:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2006-09-18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010-06-28 14:13:34 | 000,082,696 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2010-05-15 12:37:28 | 000,045,640 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2010-05-05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm






IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3723006670-1336882742-666809018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.7
FF - prefs.js..extensions.enabledItems: {42B0B1DA-C777-49D2-878A-6CB018591588}:1.9.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-08-07 15:39:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-08-07 15:39:02 | 000,000,000 | ---D | M]

[2010-08-07 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Extensions
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-08-07 15:39:43 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\kfk7awzm.default\extensions\staged-xpis
[2010-08-07 15:39:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-07-23 01:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-23 01:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-23 01:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-23 01:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-23 01:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 01:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-07 10:33:01 | 000,000,671 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programy\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programy\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [a-squared] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [AVG9_TRAY] D:\Programy\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:[b]64bit:[/b] - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:[b]64bit:[/b] - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-07 18:36:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-08-07 18:35:25 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
[2010-08-07 15:39:37 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\Mozilla
[2010-08-07 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-07 14:22:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010-08-07 14:22:09 | 000,000,000 | ---D | C] -- C:\Users\Bartek\Documents\Anti-Malware
[2010-08-07 12:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-08-07 12:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010-08-07 11:01:09 | 000,000,000 | ---D | C] -- C:\SDFix
[2010-08-06 11:07:43 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Local\{42B0B1DA-C777-49D2-878A-6CB018591588}
[2010-07-26 19:42:13 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Local\VS Revo Group
[2010-07-26 19:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010-07-26 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010-07-26 19:31:48 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\GlarySoft
[2010-07-26 19:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Absolute Uninstaller
[2010-07-25 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[1 C:\Users\Bartek\AppData\Local\*.tmp files -> C:\Users\Bartek\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-07 18:49:50 | 001,835,008 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT
[2010-08-07 18:47:38 | 000,110,822 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-08-07 18:47:38 | 000,110,822 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-08-07 18:47:21 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 18:47:21 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 18:47:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-08-07 18:45:41 | 000,524,288 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT{90580421-5e06-11df-a3cc-8b5f6f0e8ddc}.TMContainer00000000000000000001.regtrans-ms
[2010-08-07 18:45:41 | 000,065,536 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT{90580421-5e06-11df-a3cc-8b5f6f0e8ddc}.TM.blf
[2010-08-07 18:45:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723006670-1336882742-666809018-1000UA.job
[2010-08-07 18:44:59 | 001,468,980 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-08-07 18:44:59 | 000,661,818 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-08-07 18:44:59 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-08-07 18:44:59 | 000,126,702 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-08-07 18:44:59 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-08-07 18:36:42 | 002,226,903 | -H-- | M] () -- C:\Users\Bartek\AppData\Local\IconCache.db
[2010-08-07 15:50:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
[2010-08-07 15:45:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723006670-1336882742-666809018-1000Core.job
[2010-08-07 15:39:05 | 000,001,738 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-07 14:22:26 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-08-07 14:04:02 | 063,040,759 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010-08-07 10:53:36 | 000,057,856 | ---- | M] () -- C:\Users\Bartek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-07 10:29:27 | 000,237,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-05 22:13:31 | 000,000,197 | ---- | M] () -- C:\Users\Bartek\Desktop\licytacja.rar
[2010-07-25 18:21:09 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\FMM 2.25.lnk
[2010-07-16 10:29:57 | 000,317,520 | ---- | M] () -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010-07-16 10:29:56 | 000,013,048 | ---- | M] () -- C:\Windows\SysNative\avgrssta.dll
[2010-07-16 10:29:25 | 000,269,904 | ---- | M] () -- C:\Windows\SysNative\drivers\avgldx64.sys
[1 C:\Users\Bartek\AppData\Local\*.tmp files -> C:\Users\Bartek\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-07 15:39:05 | 000,001,738 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-07 14:22:26 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-08-05 22:13:31 | 000,000,197 | ---- | C] () -- C:\Users\Bartek\Desktop\licytacja.rar
[2010-07-26 19:42:10 | 000,031,800 | ---- | C] () -- C:\Windows\SysNative\drivers\revoflt.sys
[2010-07-16 10:29:56 | 000,013,048 | ---- | C] () -- C:\Windows\SysNative\avgrssta.dll
[2010-02-11 12:45:12 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-02-11 12:45:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-02-11 12:45:11 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-02-11 12:45:11 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-02-11 12:45:10 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-02-11 12:45:10 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010-01-19 12:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\SysWow64\RemoveDevice.dll
[2008-01-21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008-01-21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007-07-23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007-07-23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-21 00:37:57 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Ashampoo
[2010-05-13 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Birdstep Technology
[2010-05-12 21:53:30 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Bytemobile
[2010-05-26 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\DMCache
[2010-03-08 13:56:44 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Games
[2010-07-26 19:31:48 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\GlarySoft
[2010-06-23 14:27:57 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\HCM Updater
[2010-05-18 11:46:18 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\IDM
[2010-07-21 11:08:23 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Nowe Gadu-Gadu
[2010-03-10 23:29:34 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\OpenFM
[2010-08-07 14:38:45 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Sports Interactive
[2010-08-07 18:45:47 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >


A wiesz może co może być przyczyną nię włączania się stron.Bo ten program Windows Security Alert już się nie włącza,odkąd zrobiłem dokładne skany tymi 2 programami co pisałem wcześniej i usunełem trojany,i choć według ikony sieci jestem połaczony z internetem i mam do niego dostęp żadne strony się nie wczytują.

[lamar]

Zmień dnsy i sprawdź, czy to pomoże
przyspieszenie-internetu-modyfikacja-dnsow-vt84899.html