Windows security alert(jak się pozbyć)

**Posty:** 11 · przez **szymon18022005** 26 Lip 2011, 15:27

witam.po uruchomieniu kompa wyskakuje mi disk optimizer z komunikatem 5 error left!PC is in danger . oraz co chwile komunikaty typu critical error(damaged hard drive clusters detected.private data is at risk),(hard drive not found.missing hard drive),(RAM memoryusage 5 is criticaly high.RAM memory failure) i takie tam. używałem malwarebytes znalazł kilka trojanów , usunąłem niestety problem pozostał.poza tym nie czyta płyt , penów(dysk jest uszkodzony i nieczytelny) co z tym fantem zrobić podaje logi.

Kod: Zaznacz wszystko: [code][code][/code]GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-07-26 15:06:14 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD200EB-00CPF0 rev.06.04G06 Running: sg64y4l4 GMER.exe; Driver: C:\DOCUME~1\Kamila\USTAWI~1\Temp\kftdypob.sys ---- System - GMER 1.0.15 ---- OTL logfile created on: 2011-07-26 15:11:11 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Kamila\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 114,51 Mb Available Physical Memory | 29,86% Memory free 1,46 Gb Paging File | 1,15 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152H:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,26 Gb Total Space | 2,21 Gb Free Space | 26,82% Space Free | Partition Type: NTFS Drive D: | 1,51 Gb Total Space | 1,05 Gb Free Space | 69,44% Space Free | Partition Type: NTFS Drive E: | 8,88 Gb Total Space | 2,55 Gb Free Space | 28,75% Space Free | Partition Type: NTFS Drive H: | 4,01 Gb Total Space | 0,60 Gb Free Space | 14,89% Space Free | Partition Type: FAT32 Drive I: | 1,85 Gb Total Space | 0,05 Gb Free Space | 2,80% Space Free | Partition Type: FAT Computer Name: SERWER | User Name: Kamila | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe PRC - [2011-04-30 11:35:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2011-01-15 10:20:14 | 000,382,976 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe PRC - [2011-01-15 10:20:08 | 000,478,720 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe PRC - [2010-06-22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2007-03-23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006-08-21 01:24:46 | 002,068,527 | ---- | M] () -- C:\Program Files\Free Download Manager\fdm.exe PRC - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe PRC - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\vsserv.exe PRC - [2005-10-11 12:28:08 | 000,360,448 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdmcon.exe PRC - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe PRC - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe PRC - [2005-04-06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Softwin\BitDefender9\bdswitch.exe PRC - [2005-03-11 18:53:30 | 000,090,112 | ---- | M] (SOFTWIN SRL) -- C:\Program Files\Softwin\BitDefender9\bdoesrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-11-16 19:18:14 | 000,118,784 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdoe.dll MOD - [2005-06-02 17:16:50 | 000,061,440 | ---- | M] (Softwin) -- C:\WINDOWS\system32\xcomm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Softwin\BitDefender9\vsserv.exe -- (VSSERV) SRV - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe -- (bdss) SRV - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2005-10-22 10:06:26 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2005-07-28 16:42:52 | 000,014,081 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\filespy.sys -- (FILESpy) DRV - [2005-06-28 19:46:00 | 000,024,859 | ---- | M] (Windigo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSRBC01.sys -- (CSRBC01) DRV - [2005-03-22 04:03:04 | 000,032,910 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-09-28 16:18:00 | 000,057,512 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Btcomm.sys -- (BTCOMM) DRV - [2004-08-04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 08:03:35 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-06-07 18:40:32 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser) DRV - [2004-05-13 14:31:54 | 000,010,479 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\regspy.sys -- (REGSpy) DRV - [2004-03-02 10:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2004-03-02 10:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003-03-18 11:31:00 | 000,015,876 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtKrnBdg.sys -- (BTKRNBDG) DRV - [2002-09-29 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2002-09-29 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) [2010-01-08 14:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Extensions [2007-03-11 20:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Firefox\Profiles\l4c0jcmf.default\extensions O1 HOSTS File: ([2002-09-29 00:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - File not found O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C} - C:\WINDOWS\system32\hsfcisp.dll () O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O4 - HKLM..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender9\bdmcon.exe (SOFTWIN S.R.L.) O4 - HKLM..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (SOFTWIN SRL) O4 - HKLM..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [Regedit32] File not found O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [ChomikBox] File not found O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [FCfUcyewLU.exe] C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [sIBFBKLnsevbHgX] C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [wuaucldt] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.105 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-13 21:36:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005-12-30 16:22:08 | 000,000,133 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 13:51:10 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 14:15:31 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-07-26 14:15:16 | 000,427,520 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2011-07-26 14:14:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-26 14:14:49 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys [2011-07-26 14:08:32 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-26 13:42:10 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [2011-07-26 12:32:56 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-25 19:20:59 | 000,000,488 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-07-22 20:04:35 | 000,061,088 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:05:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-12 11:49:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-26 14:08:31 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-22 20:05:06 | 000,061,088 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-12 10:54:49 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-12 10:54:48 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-05-23 18:40:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2011-04-01 11:41:44 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\hsfcisp.dll [2011-01-15 10:44:40 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgXr [2011-01-15 10:44:39 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-01-15 10:44:13 | 000,000,488 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-01-15 10:20:14 | 000,382,976 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe [2011-01-15 10:20:09 | 000,478,720 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe [2011-01-15 10:20:09 | 000,427,520 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2010-12-10 12:51:25 | 000,035,842 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe [2010-04-02 19:09:59 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2010-02-18 11:00:51 | 000,000,013 | ---- | C] () -- C:\WINDOWS\compedia.ini [2009-07-01 15:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\a5e2fab6.sys [2008-09-19 17:08:19 | 000,574,475 | ---- | C] () -- C:\Documents and Settings\Kamila\Dane aplikacji\NMM-MetaData.db [2007-11-11 13:41:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\CO3_0.INI [2007-06-24 17:56:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2007-06-08 19:11:02 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ESICOMMN.DLL [2007-06-08 19:11:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BTSetBootKey.exe [2007-05-23 23:10:08 | 000,000,034 | ---- | C] () -- C:\WINDOWS\winhelp.ini [2007-05-17 17:12:44 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2007-05-16 20:26:19 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2007-05-16 19:46:16 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007-03-04 16:33:40 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2007-03-04 16:33:40 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2007-03-04 16:33:29 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe [2007-03-04 16:33:27 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe [2007-03-04 16:33:23 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2007-03-04 16:33:22 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2007-03-04 16:33:20 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2007-03-04 16:33:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2007-02-25 18:57:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007-02-07 10:13:39 | 000,000,334 | -HS- | C] () -- C:\WINDOWS\System32\mfcee.exe [2007-02-07 10:12:38 | 000,000,370 | -HS- | C] () -- C:\WINDOWS\System32\mdmd.exe [2007-02-04 19:29:42 | 000,076,589 | -HS- | C] () -- C:\WINDOWS\System32\srrvc.exe [2007-02-04 10:03:32 | 000,071,518 | -HS- | C] () -- C:\WINDOWS\System32\mfee.exe [2007-01-21 23:41:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006-10-12 23:12:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 13:39:26 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin [2006-10-09 00:22:06 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\getfile.dat [2006-10-08 21:14:58 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2006-10-08 21:12:22 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll [2006-10-08 12:44:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006-10-08 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006-10-07 18:50:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2006-10-07 18:50:03 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2006-10-07 18:50:03 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2006-10-07 18:44:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat [2006-10-07 18:42:15 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2006-09-23 09:03:50 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-09-17 15:11:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-09-14 12:57:35 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-09-13 22:15:57 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-09-13 22:14:30 | 000,196,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006-09-13 21:41:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006-09-13 21:30:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005-09-02 14:48:40 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll [2002-12-06 17:37:06 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2002-09-29 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002-09-29 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002-09-29 00:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2002-09-29 00:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2002-09-29 00:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002-09-29 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002-09-29 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002-09-29 00:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2002-09-29 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002-09-29 00:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002-09-29 00:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2002-09-29 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002-09-29 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2002-09-29 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002-09-29 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [color=#E56717]========== LOP Check ==========[/color] [2007-03-06 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-10-06 13:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2006-10-08 08:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSScanAppDataDir [2010-10-06 13:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2006-10-08 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2006-10-07 18:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2007-03-06 20:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\DataLayer [2011-07-26 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Free Download Manager [2006-10-08 23:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Gadu-Gadu [2007-01-29 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Kazaa Lite [2007-03-07 10:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Leadertech [2008-09-19 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia [2010-10-18 20:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia Multimedia Player [2007-09-09 23:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Opera [2010-10-18 20:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\PC Suite [2007-01-03 23:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\ScanSoft [2010-01-30 19:54:03 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job [2009-11-26 17:08:46 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [color=#E56717]========== Purity Check ==========[/color] < End of report > SSDT [code][/code] \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwClose [0xF458C966] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwCreateKey [0xF458C918] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwDeleteKey [0xF458C9D2] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwDeleteValueKey [0xF458CA00] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwEnumerateKey [0xF458CD78] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwEnumerateValueKey [0xF458CDEE]OTL logfile created on: 2011-07-26 15:11:11 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Kamila\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 114,51 Mb Available Physical Memory | 29,86% Memory free 1,46 Gb Paging File | 1,15 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152H:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,26 Gb Total Space | 2,21 Gb Free Space | 26,82% Space Free | Partition Type: NTFS Drive D: | 1,51 Gb Total Space | 1,05 Gb Free Space | 69,44% Space Free | Partition Type: NTFS Drive E: | 8,88 Gb Total Space | 2,55 Gb Free Space | 28,75% Space Free | Partition Type: NTFS Drive H: | 4,01 Gb Total Space | 0,60 Gb Free Space | 14,89% Space Free | Partition Type: FAT32 Drive I: | 1,85 Gb Total Space | 0,05 Gb Free Space | 2,80% Space Free | Partition Type: FAT Computer Name: SERWER | User Name: Kamila | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe PRC - [2011-04-30 11:35:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2011-01-15 10:20:14 | 000,382,976 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe PRC - [2011-01-15 10:20:08 | 000,478,720 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe PRC - [2010-06-22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2007-03-23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006-08-21 01:24:46 | 002,068,527 | ---- | M] () -- C:\Program Files\Free Download Manager\fdm.exe PRC - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe PRC - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\vsserv.exe PRC - [2005-10-11 12:28:08 | 000,360,448 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdmcon.exe PRC - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe PRC - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe PRC - [2005-04-06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Softwin\BitDefender9\bdswitch.exe PRC - [2005-03-11 18:53:30 | 000,090,112 | ---- | M] (SOFTWIN SRL) -- C:\Program Files\Softwin\BitDefender9\bdoesrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-11-16 19:18:14 | 000,118,784 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdoe.dll MOD - [2005-06-02 17:16:50 | 000,061,440 | ---- | M] (Softwin) -- C:\WINDOWS\system32\xcomm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Softwin\BitDefender9\vsserv.exe -- (VSSERV) SRV - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe -- (bdss) SRV - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2005-10-22 10:06:26 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2005-07-28 16:42:52 | 000,014,081 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\filespy.sys -- (FILESpy) DRV - [2005-06-28 19:46:00 | 000,024,859 | ---- | M] (Windigo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSRBC01.sys -- (CSRBC01) DRV - [2005-03-22 04:03:04 | 000,032,910 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-09-28 16:18:00 | 000,057,512 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Btcomm.sys -- (BTCOMM) DRV - [2004-08-04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 08:03:35 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-06-07 18:40:32 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser) DRV - [2004-05-13 14:31:54 | 000,010,479 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\regspy.sys -- (REGSpy) DRV - [2004-03-02 10:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2004-03-02 10:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003-03-18 11:31:00 | 000,015,876 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtKrnBdg.sys -- (BTKRNBDG) DRV - [2002-09-29 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2002-09-29 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) [2010-01-08 14:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Extensions [2007-03-11 20:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Firefox\Profiles\l4c0jcmf.default\extensions O1 HOSTS File: ([2002-09-29 00:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - File not found O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C} - C:\WINDOWS\system32\hsfcisp.dll () O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O4 - HKLM..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender9\bdmcon.exe (SOFTWIN S.R.L.) O4 - HKLM..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (SOFTWIN SRL) O4 - HKLM..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [Regedit32] File not found O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [ChomikBox] File not found O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [FCfUcyewLU.exe] C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [sIBFBKLnsevbHgX] C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [wuaucldt] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.105 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-13 21:36:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005-12-30 16:22:08 | 000,000,133 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 13:51:10 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 14:15:31 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-07-26 14:15:16 | 000,427,520 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2011-07-26 14:14:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-26 14:14:49 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys [2011-07-26 14:08:32 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-26 13:42:10 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [2011-07-26 12:32:56 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-25 19:20:59 | 000,000,488 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-07-22 20:04:35 | 000,061,088 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:05:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-12 11:49:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-26 14:08:31 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-22 20:05:06 | 000,061,088 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-12 10:54:49 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-12 10:54:48 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-05-23 18:40:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2011-04-01 11:41:44 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\hsfcisp.dll [2011-01-15 10:44:40 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgXr [2011-01-15 10:44:39 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-01-15 10:44:13 | 000,000,488 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-01-15 10:20:14 | 000,382,976 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe [2011-01-15 10:20:09 | 000,478,720 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe [2011-01-15 10:20:09 | 000,427,520 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2010-12-10 12:51:25 | 000,035,842 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe [2010-04-02 19:09:59 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2010-02-18 11:00:51 | 000,000,013 | ---- | C] () -- C:\WINDOWS\compedia.ini [2009-07-01 15:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\a5e2fab6.sys [2008-09-19 17:08:19 | 000,574,475 | ---- | C] () -- C:\Documents and Settings\Kamila\Dane aplikacji\NMM-MetaData.db [2007-11-11 13:41:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\CO3_0.INI [2007-06-24 17:56:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2007-06-08 19:11:02 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ESICOMMN.DLL [2007-06-08 19:11:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BTSetBootKey.exe [2007-05-23 23:10:08 | 000,000,034 | ---- | C] () -- C:\WINDOWS\winhelp.ini [2007-05-17 17:12:44 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2007-05-16 20:26:19 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2007-05-16 19:46:16 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007-03-04 16:33:40 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2007-03-04 16:33:40 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2007-03-04 16:33:29 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe [2007-03-04 16:33:27 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe [2007-03-04 16:33:23 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2007-03-04 16:33:22 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2007-03-04 16:33:20 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2007-03-04 16:33:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2007-02-25 18:57:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007-02-07 10:13:39 | 000,000,334 | -HS- | C] () -- C:\WINDOWS\System32\mfcee.exe [2007-02-07 10:12:38 | 000,000,370 | -HS- | C] () -- C:\WINDOWS\System32\mdmd.exe [2007-02-04 19:29:42 | 000,076,589 | -HS- | C] () -- C:\WINDOWS\System32\srrvc.exe [2007-02-04 10:03:32 | 000,071,518 | -HS- | C] () -- C:\WINDOWS\System32\mfee.exe [2007-01-21 23:41:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006-10-12 23:12:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 13:39:26 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin [2006-10-09 00:22:06 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\getfile.dat [2006-10-08 21:14:58 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2006-10-08 21:12:22 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll [2006-10-08 12:44:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006-10-08 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006-10-07 18:50:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2006-10-07 18:50:03 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2006-10-07 18:50:03 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2006-10-07 18:44:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat [2006-10-07 18:42:15 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2006-09-23 09:03:50 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-09-17 15:11:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-09-14 12:57:35 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-09-13 22:15:57 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-09-13 22:14:30 | 000,196,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006-09-13 21:41:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006-09-13 21:30:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005-09-02 14:48:40 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll [2002-12-06 17:37:06 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2002-09-29 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002-09-29 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002-09-29 00:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2002-09-29 00:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2002-09-29 00:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002-09-29 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002-09-29 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002-09-29 00:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2002-09-29 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002-09-29 00:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002-09-29 00:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2002-09-29 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002-09-29 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2002-09-29 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002-09-29 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [color=#E56717]========== LOP Check ==========[/color] [2007-03-06 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-10-06 13:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2006-10-08 08:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSScanAppDataDir [2010-10-06 13:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2006-10-08 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2006-10-07 18:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2007-03-06 20:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\DataLayer [2011-07-26 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Free Download Manager [2006-10-08 23:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Gadu-Gadu [2007-01-29 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Kazaa Lite [2007-03-07 10:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Leadertech [2008-09-19 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia [2010-10-18 20:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia Multimedia Player [2007-09-09 23:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Opera [2010-10-18 20:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\PC Suite [2007-01-03 23:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\ScanSoft [2010-01-30 19:54:03 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job [2009-11-26 17:08:46 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [color=#E56717]========== Purity Check ==========[/color]OTL logfile created on: 2011-07-26 15:11:11 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Kamila\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 114,51 Mb Available Physical Memory | 29,86% Memory free 1,46 Gb Paging File | 1,15 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152H:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,26 Gb Total Space | 2,21 Gb Free Space | 26,82% Space Free | Partition Type: NTFS Drive D: | 1,51 Gb Total Space | 1,05 Gb Free Space | 69,44% Space Free | Partition Type: NTFS Drive E: | 8,88 Gb Total Space | 2,55 Gb Free Space | 28,75% Space Free | Partition Type: NTFS Drive H: | 4,01 Gb Total Space | 0,60 Gb Free Space | 14,89% Space Free | Partition Type: FAT32 Drive I: | 1,85 Gb Total Space | 0,05 Gb Free Space | 2,80% Space Free | Partition Type: FAT Computer Name: SERWER | User Name: Kamila | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe PRC - [2011-04-30 11:35:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2011-01-15 10:20:14 | 000,382,976 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe PRC - [2011-01-15 10:20:08 | 000,478,720 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe PRC - [2010-06-22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2007-03-23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006-08-21 01:24:46 | 002,068,527 | ---- | M] () -- C:\Program Files\Free Download Manager\fdm.exe PRC - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe PRC - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\vsserv.exe PRC - [2005-10-11 12:28:08 | 000,360,448 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdmcon.exe PRC - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe PRC - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe PRC - [2005-04-06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Softwin\BitDefender9\bdswitch.exe PRC - [2005-03-11 18:53:30 | 000,090,112 | ---- | M] (SOFTWIN SRL) -- C:\Program Files\Softwin\BitDefender9\bdoesrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-11-16 19:18:14 | 000,118,784 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdoe.dll MOD - [2005-06-02 17:16:50 | 000,061,440 | ---- | M] (Softwin) -- C:\WINDOWS\system32\xcomm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Softwin\BitDefender9\vsserv.exe -- (VSSERV) SRV - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe -- (bdss) SRV - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2005-10-22 10:06:26 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2005-07-28 16:42:52 | 000,014,081 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\filespy.sys -- (FILESpy) DRV - [2005-06-28 19:46:00 | 000,024,859 | ---- | M] (Windigo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSRBC01.sys -- (CSRBC01) DRV - [2005-03-22 04:03:04 | 000,032,910 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-09-28 16:18:00 | 000,057,512 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Btcomm.sys -- (BTCOMM) DRV - [2004-08-04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 08:03:35 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-06-07 18:40:32 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser) DRV - [2004-05-13 14:31:54 | 000,010,479 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\regspy.sys -- (REGSpy) DRV - [2004-03-02 10:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2004-03-02 10:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003-03-18 11:31:00 | 000,015,876 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtKrnBdg.sys -- (BTKRNBDG) DRV - [2002-09-29 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2002-09-29 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) [2010-01-08 14:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Extensions [2007-03-11 20:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Firefox\Profiles\l4c0jcmf.default\extensions O1 HOSTS File: ([2002-09-29 00:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - File not found O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C} - C:\WINDOWS\system32\hsfcisp.dll () O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O4 - HKLM..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender9\bdmcon.exe (SOFTWIN S.R.L.) O4 - HKLM..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (SOFTWIN SRL) O4 - HKLM..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [Regedit32] File not found O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [ChomikBox] File not found O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [FCfUcyewLU.exe] C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [sIBFBKLnsevbHgX] C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe () O4 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..\Run: [wuaucldt] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.105 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-13 21:36:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005-12-30 16:22:08 | 000,000,133 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 13:51:10 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 14:15:31 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-07-26 14:15:16 | 000,427,520 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2011-07-26 14:14:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-26 14:14:49 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys [2011-07-26 14:08:32 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-26 13:42:10 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [2011-07-26 12:32:56 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-25 19:20:59 | 000,000,488 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-07-22 20:04:35 | 000,061,088 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:05:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-12 11:49:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-26 14:08:31 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-22 20:05:06 | 000,061,088 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-12 10:54:49 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2011-07-12 10:54:48 | 000,016,026 | -HS- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-05-23 18:40:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2011-04-01 11:41:44 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\hsfcisp.dll [2011-01-15 10:44:40 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgXr [2011-01-15 10:44:39 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX [2011-01-15 10:44:13 | 000,000,488 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX [2011-01-15 10:20:14 | 000,382,976 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe [2011-01-15 10:20:09 | 000,478,720 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe [2011-01-15 10:20:09 | 000,427,520 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll [2010-12-10 12:51:25 | 000,035,842 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe [2010-04-02 19:09:59 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2010-02-18 11:00:51 | 000,000,013 | ---- | C] () -- C:\WINDOWS\compedia.ini [2009-07-01 15:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\a5e2fab6.sys [2008-09-19 17:08:19 | 000,574,475 | ---- | C] () -- C:\Documents and Settings\Kamila\Dane aplikacji\NMM-MetaData.db [2007-11-11 13:41:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\CO3_0.INI [2007-06-24 17:56:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2007-06-08 19:11:02 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ESICOMMN.DLL [2007-06-08 19:11:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BTSetBootKey.exe [2007-05-23 23:10:08 | 000,000,034 | ---- | C] () -- C:\WINDOWS\winhelp.ini [2007-05-17 17:12:44 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2007-05-16 20:26:19 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2007-05-16 19:46:16 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007-03-04 16:33:40 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2007-03-04 16:33:40 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2007-03-04 16:33:29 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe [2007-03-04 16:33:27 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe [2007-03-04 16:33:23 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2007-03-04 16:33:22 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2007-03-04 16:33:20 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2007-03-04 16:33:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2007-02-25 18:57:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007-02-07 10:13:39 | 000,000,334 | -HS- | C] () -- C:\WINDOWS\System32\mfcee.exe [2007-02-07 10:12:38 | 000,000,370 | -HS- | C] () -- C:\WINDOWS\System32\mdmd.exe [2007-02-04 19:29:42 | 000,076,589 | -HS- | C] () -- C:\WINDOWS\System32\srrvc.exe [2007-02-04 10:03:32 | 000,071,518 | -HS- | C] () -- C:\WINDOWS\System32\mfee.exe [2007-01-21 23:41:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006-10-12 23:12:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 13:39:26 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin [2006-10-09 00:22:06 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\getfile.dat [2006-10-08 21:14:58 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2006-10-08 21:12:22 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll [2006-10-08 12:44:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006-10-08 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006-10-07 18:50:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2006-10-07 18:50:03 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2006-10-07 18:50:03 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2006-10-07 18:44:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat [2006-10-07 18:42:15 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2006-09-23 09:03:50 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-09-17 15:11:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-09-14 12:57:35 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-09-13 22:15:57 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-09-13 22:14:30 | 000,196,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006-09-13 21:41:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006-09-13 21:30:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005-09-02 14:48:40 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll [2002-12-06 17:37:06 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2002-09-29 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002-09-29 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002-09-29 00:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2002-09-29 00:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2002-09-29 00:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002-09-29 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002-09-29 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002-09-29 00:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2002-09-29 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002-09-29 00:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002-09-29 00:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2002-09-29 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002-09-29 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2002-09-29 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002-09-29 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [color=#E56717]========== LOP Check ==========[/color] [2007-03-06 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-10-06 13:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2006-10-08 08:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSScanAppDataDir [2010-10-06 13:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2006-10-08 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2006-10-07 18:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2007-03-06 20:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\DataLayer [2011-07-26 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Free Download Manager [2006-10-08 23:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Gadu-Gadu [2007-01-29 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Kazaa Lite [2007-03-07 10:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Leadertech [2008-09-19 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia [2010-10-18 20:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia Multimedia Player [2007-09-09 23:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Opera [2010-10-18 20:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\PC Suite [2007-01-03 23:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\ScanSoft [2010-01-30 19:54:03 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job [2009-11-26 17:08:46 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [color=#E56717]========== Purity Check ==========[/color] < End of report > < End of report > SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwFlushKey [0xF458C9A4] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwLoadKey [0xF458CE66] SSDT \??\C:\Program Files\Softwin\BitDefender9\filespy.sys ZwOpenFile [0xF435EEFD] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwOpenKey [0xF458C8D6] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwQueryKey [0xF458CDB4] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwQueryValueKey [0xF458CE2A] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwSetValueKey [0xF458CAAF] SSDT \??\C:\Program Files\Softwin\BitDefender9\regspy.sys ZwUnloadKey [0xF458CE96] ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\Explorer.EXE[1400] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 01C92150 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll .text C:\WINDOWS\Explorer.EXE[1400] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 01C923A0 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll .text C:\WINDOWS\Explorer.EXE[1400] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01C926E0 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll .text C:\WINDOWS\Explorer.EXE[1400] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 01C92C90 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll .text C:\WINDOWS\Explorer.EXE[1400] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 01C92A80 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll .text C:\WINDOWS\Explorer.EXE[1400] kernel32.dll!LoadLibraryW 7C80AE5B 5 Bytes JMP 01C92790 C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs filespy.sys AttachedDevice \FileSystem\Fastfat \Fat filespy.sys ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\01234567\26114[1].jpg 0 bytes ---- EOF - GMER 1.0.15 ----[/code]

Kod: Zaznacz wszystko

**Posty:** 12734 · przez **Mikou@j** 26 Lip 2011, 15:31

Wklej wszystko tak jak należy. Poza tym brakuje dwóch logów z OTL obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html

**Posty:** 2183 · przez **NieWiem** 26 Lip 2011, 17:26

Nie no, wkleił OTLa i Gmera, tylko w takim burdelu, że czytać ciężko. Najlepiej na przyszłość każdy raport z osobna wklejaj na jakimś serwisie wklejkowym (http://www.wklej.pl) i dawaj linka. I brakuje loga extras, to też uzupełnij.

**Posty:** 11 · przez **szymon18022005** 26 Lip 2011, 19:04

ok. przepraszam za ten burdel ale to mój chrzest w serwisie .postaram sie uporządkować .dzięki.

Dodano Dzisiaj, 19:41:
log OTL http://wklej.org/id/567634/
log exras http://wklej.org/id/567639/

Dodano Dzisiaj, 20:52:
log gmer http://wklej.org/id/567688/

**Posty:** 2183 · przez **NieWiem** 27 Lip 2011, 00:08

Będzie Cię czekać wymiana haseł logowania na wszystko: maile, profile, nawet do Windowsa, tylko na Boga jak już skończymy sprzątać, bo jak teraz dasz nowe to je zaraz znowu wykradną.

Pobierz AVZ od Z-Olega
link

Wypakuj na pulpicie i uruchom. Zrób aktualizację wciskając przycisk

Jeśli zwróci błąd, wybierz inne źródło.

Potem idź do menu File - wybierz Standard Scripts.
Zaznacz opcję Advanced System Analysis i wybierz Execute selected Scripts. Zatwierdź i poczekaj na ukończenie pracy.

Idź do Folderu avz4, znajdź folder LOG. Znajdziesz tam plik virusinfo_syscheck.zip - wrzuć go na http://www.speedyshare.com i podaj mi linka do paczki.

**Posty:** 11 · przez **szymon18022005** 27 Lip 2011, 11:39

witam.zrobiłem wedle instrukcji.podaje link z tym że u mnie sie nie otwiera.pozdrawiam.http://www.speedyshare.com/files/29597262/virusinfo_syscheck.zip

Dodano Dzisiaj, 11:57:
czy wymiana haseł dotyczy wszystkich użytkowników kompa?bo do części nie mam dostępu.oczywiście kwestia dogadania.pozdrawiam

**Posty:** 2183 · przez **NieWiem** 27 Lip 2011, 14:08

Ma się u mnie otwierać, u Ciebie nie musi

Uruchom ponownie AVZ

File -> Custom Scripts
W oknie wklej zawartość ramki

Kod: Zaznacz wszystko: begin DeleteFile('c:\documents and settings\all users\dane aplikacji\fcfucyewlu.exe'); DeleteFile('c:\documents and settings\all users\dane aplikacji\sibfbklnsevbhgx.exe'); DeleteFile('C:\Documents and Settings\All Users\Dane aplikacji\CiOCLFAGVr.dll'); RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','FCfUcyewLU.exe'); DeleteFile('C:\Documents and Settings\All Users\Dane aplikacji\FCfUcyewLU.exe'); DeleteFile('C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX.exe'); RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','sIBFBKLnsevbHgX'); end.

Kliknij Run, potwierdź restart.

Po restarcie

Uruchom AVZ
File -> Standard Scripts
Wybierz Advanced System Analysis
i jak poprzednio - spakuj virusinfo_syscheck.zip - wrzuć go na www.speedyshare.com i podaj mi linka do paczki.

Wykonaj także świeży komplet logów OTL + Gmer (z OTLa może być tylko główny, bez ekstras)

Hasła należy wymienić dla całego komputera i od tego nie ma zmiłuj.

**Posty:** 11 · przez **szymon18022005** 27 Lip 2011, 19:44

mówisz i masz. narazie log avz http://www.speedyshare.com/files/29603878/virusinfo_syscheck.zip

Dodano Dzisiaj, 20:21:
extras http://wklej.org/id/568298/
otl http://wklej.org/id/568297/

**Posty:** 2183 · przez **NieWiem** 27 Lip 2011, 20:23

Zanim wysprzątamy resztę chcę wiedzieć jak objawy.

**Posty:** 11 · przez **szymon18022005** 27 Lip 2011, 21:10

i jest Gmer http://wklej.org/id/568339/

**Posty:** 2183 · przez **NieWiem** 28 Lip 2011, 08:06

Jeszcze raz: chcę wiedzieć jak objawy, czy coś jeszcze się dzieje.

Większość puściła, zostały same odpadki do pozamiatania.

Uruchom Mozilla Firefox albo Internet Explorer
Wejdź na stronę -> jotti
następnie przeskanuj tam plik

Kod: Zaznacz wszystko: C:\WINDOWS\system32\hsfcisp.dll

przeklej wyniki skanowania

**Posty:** 11 · przez **szymon18022005** 28 Lip 2011, 08:43

witam .

Kod: Zaznacz wszystko: Nazwa pliku: hsfcisp.dll Stan: Skanowanie zakończone. 14 z 20 skanerów zgłaszają szkodliwe oprogramowanie. Skanowanie podjęte w: czw 28 lip 2011 08:33:24 (CET) Link stały -------------------------------------------------------------------------------- Dodatkowe informacje Rozmiar pliku: 121344 bajtów Typ pliku: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit MD5: 2e398b402056a4aff0dba3ee1d517879 SHA1: 68598895edc180407c7ab7305c5cf10b235a529d Skanery 2011-07-28 Trojan.Smardf.Puh 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Win32:Boaxxe-R 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Delf.TJU 2011-07-28 Trojan-Dropper.Win32.Boaxxe 2011-07-28 DR/Delphi.Gen 2011-07-27 Nic nie znaleziono 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Win32/Delf.OAX 2011-07-28 Nic nie znaleziono 2011-07-27 Nic nie znaleziono 2011-07-28 Nic nie znaleziono 2011-07-28 Trojan.Boaxxe.R 2011-07-28 Nic nie znaleziono 2011-07-28 Troj/Boaxxe-R 2011-07-28 Trojan-Dropper.Win32.Boaxxe!IK 2011-07-27 Trojan.Smardf.ody 2011-07-27 W32/Delf.V.gen!Eldorado 2011-07-27 Nic nie znaleziono

wszystko powróciło do normy z jednym wyjątkiem prog.CTF Loader stara sie coś zmodyfikować(komunikat bitdefendera)poza tym wszystko OK.

**Posty:** 2183 · przez **NieWiem** 28 Lip 2011, 08:57

Popraw proszę poprzedni raport w tagi

Kod: Zaznacz wszystko: = = = = = = = = = Uruchom OTL W oknie na dole wklej: [code] :processes killallprocesses :services :otl O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - File not found O2 - BHO: (no name) - {158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C} - C:\WINDOWS\system32\hsfcisp.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found O4 - HKLM..\Run: [Regedit32] File not found O4 - HKCU..\Run: [ChomikBox] File not found O4 - HKCU..\Run: [wuaucldt] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = File not found O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB (Reg Error: Key error.) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found [2011-07-27 11:36:54 | 000,028,195 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\virusinfo syscheck.zip [2011-07-27 09:27:07 | 006,175,589 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\avz4.zip :files C:\Documents and Settings\Kamila\Pulpit\avz4 C:\Documents and Settings\Kamila\Pulpit\virusinfo_syscheck.zip :reg :commands [purity] [emptytemp] [emptyflash] [clearallrestorepoints]

Wciśnij Run Fix (Wykonaj skrypt) i zatwierdź restart

Do wglądu raport z czyszczenia i nowy log z OTL

**Posty:** 11 · przez **szymon18022005** 28 Lip 2011, 09:05

Kod: Zaznacz wszystko: Nazwa pliku: hsfcisp.dll Stan: Skanowanie zakończone. 14 z 20 skanerów zgłaszają szkodliwe oprogramowanie. Skanowanie podjęte w: czw 28 lip 2011 08:33:24 (CET) Link stały -------------------------------------------------------------------------------- Dodatkowe informacje Rozmiar pliku: 121344 bajtów Typ pliku: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit MD5: 2e398b402056a4aff0dba3ee1d517879 SHA1: 68598895edc180407c7ab7305c5cf10b235a529d Skanery 2011-07-28 Trojan.Smardf.Puh 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Win32:Boaxxe-R 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Delf.TJU 2011-07-28 Trojan-Dropper.Win32.Boaxxe 2011-07-28 DR/Delphi.Gen 2011-07-27 Nic nie znaleziono 2011-07-28 Gen:Variant.Beax.2 2011-07-27 Win32/Delf.OAX 2011-07-28 Nic nie znaleziono 2011-07-27 Nic nie znaleziono 2011-07-28 Nic nie znaleziono 2011-07-28 Trojan.Boaxxe.R 2011-07-28 Nic nie znaleziono 2011-07-28 Troj/Boaxxe-R 2011-07-28 Trojan-Dropper.Win32.Boaxxe!IK 2011-07-27 Trojan.Smardf.ody 2011-07-27 W32/Delf.V.gen!Eldorado 2011-07-27 Nic nie znaleziono

Dodano Dzisiaj, 09:46:
podaje raport

Kod: Zaznacz wszystko: [/codeAll processes killed [code]========== PROCESSES ========== ========== SERVICES/DRIVERS ========== ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158A76DA-5B5C-40DB-BCE5-FCDA2FBDF26C}\ deleted successfully. C:\WINDOWS\system32\hsfcisp.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\wuaucldt deleted successfully. C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk moved successfully. Starting removal of ActiveX control {0000000A-0000-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\WMAVAX.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0000000A-0000-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found. File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found. Starting removal of ActiveX control DirectAnimation Java Classes Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found. File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. Starting removal of ActiveX control {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} C:\WINDOWS\Downloaded Program Files\swflash.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully. C:\Documents and Settings\Kamila\Pulpit\virusinfo syscheck.zip moved successfully. C:\Documents and Settings\Kamila\Pulpit\avz4.zip moved successfully. ========== FILES ========== C:\Documents and Settings\Kamila\Pulpit\avz4\LOG folder moved successfully. C:\Documents and Settings\Kamila\Pulpit\avz4\Base folder moved successfully. C:\Documents and Settings\Kamila\Pulpit\avz4 folder moved successfully. C:\Documents and Settings\Kamila\Pulpit\virusinfo_syscheck.zip moved successfully. ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Gość ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Kamila ->Temp folder emptied: 3151444 bytes ->Temporary Internet Files folder emptied: 2641840 bytes ->Java cache emptied: 178004 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 678 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 65536 bytes RecycleBin emptied: 1971319 bytes Total Files Cleaned = 8,00 mb [EMPTYFLASH] User: All Users User: Default User User: Gość User: Kamila ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb Restore points cleared and new OTL Restore Point set! OTL by OldTimer - Version 3.2.26.1 log created on 07282011_091039 Files\Folders moved on Reboot... C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\KPQ9APUD\bb3fdb1a5ceaff1feb42773f7cff28b5ba7f17a3[1].htm moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CP234XA7\ads[3] moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CP234XA7\searchTrack[1].htm moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CP234XA7\wantitnews[1] moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Temporary Internet Files\Content.IE5\4ZYNQV6F\ads[1] moved successfully. Registry entries deleted on Reboot... ]

Dodano Dzisiaj, 10:15:
podaje logi
extras http://wklej.org/id/568523/
otl http://wklej.org/id/568524/

**Posty:** 2183 · przez **NieWiem** 28 Lip 2011, 11:05

Proszę poprawić raporty w tagi code albo przestanę pomagać.

Jeszcze będzie poprawka. Wklej do OTL

Kod: Zaznacz wszystko: :OTL [2011-01-12 14:16:52 | 000,035,842 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 [2011-07-20 14:07:04 | 000,016,026 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 [2007-02-07 10:13:39 | 000,000,334 | -HS- | C] () -- C:\WINDOWS\System32\mfcee.exe [2007-02-07 10:12:38 | 000,000,370 | -HS- | C] () -- C:\WINDOWS\System32\mdmd.exe [2007-02-04 19:29:42 | 000,076,589 | -HS- | C] () -- C:\WINDOWS\System32\srrvc.exe [2007-02-04 10:03:32 | 000,071,518 | -HS- | C] () -- C:\WINDOWS\System32\mfee.exe :Files D:\doc\Disk Optimizer.lnk C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgXr C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Klikasz "wykonaj skrypt", prezentujesz powstały raport w tagu [CODE] oraz nowy z OTL.

Idź jeszcze na jotti i przeskanuj tam:

C:\WINDOWS\System32\imon1.dat

Autor postu otrzymał pochwałę

**Posty:** 11 · przez **szymon18022005** 28 Lip 2011, 23:47

witam.przepraszam ale nie bardzo czaje.prykładowo zaznaczam myszką log ->kopiuj->code->wklej(tak robie)
czy odwrotnie kopiuj->wklej->code.???

Dodano Dzisiaj, 23:49:
a może lepiej wklejać w wklej.org.

**Posty:** 18165 · przez **wojtas** 29 Lip 2011, 00:38

możesz dać na wklej.org

na przyszłość :

wklejasz log do tematu, przeciągasz myszką po całym logu i gdy masz podświetlony log naciskasz code

**Posty:** 11 · przez **szymon18022005** 29 Lip 2011, 09:10

ok.teraz wszystko jasne.pozdrawiam

Dodano Dzisiaj, 10:59:
witam.

Kod: Zaznacz wszystko: ========== OTL ========== C:\WINDOWS\Sysvxd.exe moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\g6lyf2is3777x0 moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\g6lyf2is3777x0 moved successfully. C:\WINDOWS\system32\mfcee.exe moved successfully. C:\WINDOWS\system32\mdmd.exe moved successfully. C:\WINDOWS\system32\srrvc.exe moved successfully. C:\WINDOWS\system32\mfee.exe moved successfully. ========== FILES ========== D:\doc\Disk Optimizer.lnk moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgX moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\sIBFBKLnsevbHgX moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\~sIBFBKLnsevbHgXr moved successfully. C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully. OTL by OldTimer - Version 3.2.26.1 log created on 07302011_105749

Dodano Dzisiaj, 11:05:
skan yotti

Kod: Zaznacz wszystko: Skaner malware'u Jotti Nazwa pliku: imon1.dat Stan: Skanowanie zakończone. 0 z 20 skanerów zgłaszają szkodliwe oprogramowanie. Skanowanie podjęte w: sob 30 lip 2011 11:02:56 (CET) Link stały -------------------------------------------------------------------------------- Dodatkowe informacje Rozmiar pliku: 47 bajtów Typ pliku: ASCII text, with CRLF line terminators MD5: 54a5faac633ba3cdb0b484db44af573b SHA1: dcd7481c6e3689a2bd1d018d724e4b8c0b4878fd Skanery 2011-07-30 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-30 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-29 Nic nie znaleziono 2011-07-29 Nic nie znaleziono

Dodano Dzisiaj, 11:27:

Kod: Zaznacz wszystko: OTL logfile created on: 2011-07-30 11:00:25 - Run 4 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Kamila\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 113,60 Mb Available Physical Memory | 29,62% Memory free 1,46 Gb Paging File | 1,24 Gb Available in Paging File | 84,78% Paging File free Paging file location(s): C:\pagefile.sys 576 1152H:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,26 Gb Total Space | 2,26 Gb Free Space | 27,37% Space Free | Partition Type: NTFS Drive D: | 1,51 Gb Total Space | 1,05 Gb Free Space | 69,44% Space Free | Partition Type: NTFS Drive E: | 8,88 Gb Total Space | 2,55 Gb Free Space | 28,75% Space Free | Partition Type: NTFS Drive H: | 4,01 Gb Total Space | 0,60 Gb Free Space | 14,88% Space Free | Partition Type: FAT32 Computer Name: SERWER | User Name: Kamila | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe PRC - [2011-04-30 11:35:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2010-06-22 14:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2007-03-23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe PRC - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\vsserv.exe PRC - [2005-10-11 12:28:08 | 000,360,448 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdmcon.exe PRC - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe PRC - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe PRC - [2005-04-06 14:09:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Softwin\BitDefender9\bdswitch.exe PRC - [2005-03-11 18:53:30 | 000,090,112 | ---- | M] (SOFTWIN SRL) -- C:\Program Files\Softwin\BitDefender9\bdoesrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-11-16 19:18:14 | 000,118,784 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender9\bdoe.dll MOD - [2005-06-02 17:16:50 | 000,061,440 | ---- | M] (Softwin) -- C:\WINDOWS\system32\xcomm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2005-11-23 20:19:22 | 000,229,376 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2005-11-23 19:34:50 | 000,315,392 | ---- | M] (SOFTWIN S.R.L.) [Auto | Running] -- C:\Program Files\Softwin\BitDefender9\vsserv.exe -- (VSSERV) SRV - [2005-08-24 14:43:36 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe -- (bdss) SRV - [2005-06-02 17:16:48 | 000,069,632 | ---- | M] (Softwin) [Auto | Running] -- C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2005-10-22 10:06:26 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2005-07-28 16:42:52 | 000,014,081 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\filespy.sys -- (FILESpy) DRV - [2005-06-28 19:46:00 | 000,024,859 | ---- | M] (Windigo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSRBC01.sys -- (CSRBC01) DRV - [2005-03-22 04:03:04 | 000,032,910 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-09-28 16:18:00 | 000,057,512 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Btcomm.sys -- (BTCOMM) DRV - [2004-08-04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 08:03:35 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-06-07 18:40:32 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser) DRV - [2004-05-13 14:31:54 | 000,010,479 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Softwin\BitDefender9\regspy.sys -- (REGSpy) DRV - [2004-03-02 10:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2004-03-02 10:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003-03-18 11:31:00 | 000,015,876 | ---- | M] (Windigo Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtKrnBdg.sys -- (BTKRNBDG) DRV - [2002-09-29 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2002-09-29 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-839522115-113007714-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) [2010-01-08 14:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Extensions [2007-03-11 20:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamila\Dane aplikacji\Mozilla\Firefox\Profiles\l4c0jcmf.default\extensions O1 HOSTS File: ([2002-09-29 00:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll () O4 - HKLM..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender9\bdmcon.exe (SOFTWIN S.R.L.) O4 - HKLM..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (SOFTWIN SRL) O4 - HKLM..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe () O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.105 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\IrfanView_Wallpaper.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-13 21:36:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005-12-30 16:22:08 | 000,000,133 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-839522115-113007714-1957994488-1003..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-839522115-113007714-1957994488-1003\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color] [2011-07-28 09:10:39 | 000,000,000 | ---D | C] -- C:\_OTL [2011-07-26 14:22:50 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 13:51:10 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [2011-05-25 21:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\Temp [2011-05-25 21:53:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\ChomikBox [2011-05-18 14:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Dane aplikacji\Malwarebytes [2011-05-18 14:10:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-05-18 14:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2011-05-18 14:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2011-05-18 14:10:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-05-18 14:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-05-07 10:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Pulpit\eMule0.50a [2011-04-13 13:39:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2011-04-12 10:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-01-15 10:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Menu Start\Programy\Disk Optimizer [2010-12-22 13:55:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Favorites [2010-12-14 15:17:17 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll [2010-12-14 15:11:47 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010-12-13 16:56:29 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll [2010-12-13 16:52:36 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010-12-13 13:42:21 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010-12-13 13:40:55 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-12-13 09:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010-10-06 13:48:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys [2010-10-06 13:46:50 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2010-10-06 13:35:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-10-06 13:27:54 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2010-10-06 13:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-10-06 13:23:34 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010-10-06 13:23:30 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-10-06 13:23:25 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-10-06 13:23:20 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll [2010-10-06 13:23:20 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010-10-06 13:23:20 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-10-06 13:19:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nokia [2010-08-20 18:33:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamila\Pulpit\AGNIESZKA [color=#E56717]========== Files - Modified Within 360 Days ==========[/color] [2011-07-30 10:49:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-30 10:49:41 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys [2011-07-30 10:44:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-26 14:22:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamila\Pulpit\OTL.exe [2011-07-26 14:08:32 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-26 13:42:10 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Kamila\Pulpit\SPTDinst-v178-x86.exe [2011-07-26 12:32:56 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-22 20:04:35 | 000,061,088 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-07-12 11:49:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-05-27 20:52:55 | 004,396,453 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\preview(1).mp3 [2011-05-27 15:25:01 | 005,878,431 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\rihanna_sm_www.przeklej.pl.mp3 [2011-05-27 15:20:23 | 004,951,980 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\Black Eyed Peas - Just Can't Get Enough.mp3 [2011-05-23 18:40:29 | 000,001,104 | ---- | M] () -- C:\WINDOWS\bestplayer.ini [2011-05-23 18:40:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\bestplayer.bpp [2011-05-23 18:40:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\bestplayer.bbt [2011-05-23 14:49:16 | 000,000,372 | ---- | M] () -- D:\doc\spider.sav [2011-05-18 14:10:26 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-04-30 11:35:10 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2011-04-05 08:30:19 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe [2011-04-01 13:55:18 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\Skrót do kwiecień 10, 2010 (2).lnk [2011-04-01 13:48:25 | 000,189,349 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\kwiecień 1, 2011 (2).pdf [2011-03-27 09:23:32 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-03-27 09:23:32 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-03-27 09:23:31 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-03-27 09:23:31 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-03-19 19:57:54 | 000,055,756 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\peppa-pig-02.jpg [2011-01-18 16:28:29 | 000,000,013 | ---- | M] () -- C:\WINDOWS\compedia.ini [2011-01-15 11:58:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\0047B0D0_kds.xml [2011-01-15 10:44:33 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\Disk Optimizer.lnk [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-20 11:03:32 | 008,176,167 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\pink_raise_your_glass_www[1].przeklej.pl.mp3 [2010-12-20 10:46:05 | 005,736,448 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\rio_hot_girl_www[1].przeklej.pl.mp3 [2010-12-20 10:38:59 | 006,723,247 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\swedish_house_mafia_one_your_name_ft_pharrell_www[1].przeklej.pl.mp3 [2010-12-20 10:35:39 | 005,734,766 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\nickelback_this_afternoon_www[1].przeklej.pl.mp3 [2010-12-17 12:26:45 | 003,046,118 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\Madcon ft[1]. Ameerah - Freaky Like Me.mp3 [2010-12-17 10:25:09 | 009,016,416 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\mohombi__bumpy_ride_www[1].przeklej.pl.mp3 [2010-12-14 12:56:10 | 000,000,540 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010-11-30 18:36:12 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\getfile.dat [2010-11-25 22:36:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\004761A8_kds.xml [2010-10-23 13:30:30 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk [2010-10-06 13:47:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010-10-06 13:47:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010-09-30 11:39:34 | 004,070,470 | ---- | M] () -- C:\Documents and Settings\Kamila\Pulpit\the veronicas - Untouched.mp3 [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-26 14:08:31 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\sg64y4l4 GMER.exe [2011-07-22 20:05:06 | 000,061,088 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\swinka-pepa_1.gif [2011-05-26 17:47:31 | 004,396,453 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\preview(1).mp3 [2011-05-26 17:47:29 | 005,878,431 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\rihanna_sm_www.przeklej.pl.mp3 [2011-05-25 21:45:34 | 004,951,980 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\Black Eyed Peas - Just Can't Get Enough.mp3 [2011-05-23 18:40:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2011-05-23 18:40:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bestplayer.bpp [2011-05-23 18:40:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bestplayer.bbt [2011-05-18 14:23:48 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys [2011-05-18 14:10:26 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-04-01 13:56:40 | 000,189,349 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\kwiecień 1, 2011 (2).pdf [2011-04-01 13:55:18 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\Skrót do kwiecień 10, 2010 (2).lnk [2011-03-19 19:58:42 | 000,055,756 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\peppa-pig-02.jpg [2011-01-15 11:44:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0047B0D0_kds.xml [2011-01-15 10:44:33 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\Disk Optimizer.lnk [2010-12-20 11:03:31 | 008,176,167 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\pink_raise_your_glass_www[1].przeklej.pl.mp3 [2010-12-20 10:46:04 | 005,736,448 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\rio_hot_girl_www[1].przeklej.pl.mp3 [2010-12-20 10:38:59 | 006,723,247 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\swedish_house_mafia_one_your_name_ft_pharrell_www[1].przeklej.pl.mp3 [2010-12-20 10:35:37 | 005,734,766 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\nickelback_this_afternoon_www[1].przeklej.pl.mp3 [2010-12-17 12:26:44 | 003,046,118 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\Madcon ft[1]. Ameerah - Freaky Like Me.mp3 [2010-12-17 10:25:06 | 009,016,416 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\mohombi__bumpy_ride_www[1].przeklej.pl.mp3 [2010-11-25 21:17:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\004761A8_kds.xml [2010-10-06 13:47:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010-10-06 13:47:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010-09-30 11:39:34 | 004,070,470 | ---- | C] () -- C:\Documents and Settings\Kamila\Pulpit\the veronicas - Untouched.mp3 [2010-04-02 19:09:59 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2010-02-18 11:00:51 | 000,000,013 | ---- | C] () -- C:\WINDOWS\compedia.ini [2009-07-01 15:48:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\a5e2fab6.sys [2008-09-19 17:08:19 | 000,574,475 | ---- | C] () -- C:\Documents and Settings\Kamila\Dane aplikacji\NMM-MetaData.db [2007-11-11 13:41:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\CO3_0.INI [2007-06-24 17:56:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2007-06-08 19:11:02 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ESICOMMN.DLL [2007-06-08 19:11:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BTSetBootKey.exe [2007-05-23 23:10:08 | 000,000,034 | ---- | C] () -- C:\WINDOWS\winhelp.ini [2007-05-17 17:12:44 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2007-05-16 20:26:19 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2007-05-16 19:46:16 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007-03-04 16:33:40 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2007-03-04 16:33:40 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2007-03-04 16:33:29 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe [2007-03-04 16:33:27 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe [2007-03-04 16:33:23 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2007-03-04 16:33:22 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2007-03-04 16:33:20 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2007-03-04 16:33:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2007-02-25 18:57:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007-01-21 23:41:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006-10-12 23:12:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-10-09 13:39:26 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin [2006-10-09 00:22:06 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\getfile.dat [2006-10-08 21:14:58 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2006-10-08 21:12:22 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll [2006-10-08 12:44:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006-10-08 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006-10-07 18:50:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2006-10-07 18:50:03 | 000,000,462 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2006-10-07 18:50:03 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2006-10-07 18:44:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat [2006-10-07 18:42:15 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2006-09-17 15:11:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-09-14 12:57:35 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-09-13 22:15:57 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-09-13 22:14:30 | 000,196,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006-09-13 21:41:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006-09-13 21:30:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005-09-02 14:48:40 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll [2002-12-06 17:37:06 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2002-09-29 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002-09-29 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002-09-29 00:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2002-09-29 00:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2002-09-29 00:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002-09-29 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002-09-29 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002-09-29 00:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2002-09-29 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002-09-29 00:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002-09-29 00:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2002-09-29 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002-09-29 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2002-09-29 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002-09-29 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [color=#E56717]========== LOP Check ==========[/color] [2007-03-06 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2010-10-06 13:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2006-10-08 08:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSScanAppDataDir [2010-10-06 13:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2006-10-08 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2006-10-07 18:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2007-03-06 20:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\DataLayer [2011-07-27 12:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Free Download Manager [2006-10-08 23:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Gadu-Gadu [2007-01-29 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Kazaa Lite [2007-03-07 10:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Leadertech [2008-09-19 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia [2010-10-18 20:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Nokia Multimedia Player [2007-09-09 23:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\Opera [2010-10-18 20:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\PC Suite [2007-01-03 23:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamila\Dane aplikacji\ScanSoft [2010-01-30 19:54:03 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job [2009-11-26 17:08:46 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job [color=#E56717]========== Purity Check ==========[/color] < End of report >

Dodano Dzisiaj, 11:29:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-07-30 11:00:25 - Run 4 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Kamila\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 113,60 Mb Available Physical Memory | 29,62% Memory free 1,46 Gb Paging File | 1,24 Gb Available in Paging File | 84,78% Paging File free Paging file location(s): C:\pagefile.sys 576 1152H:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,26 Gb Total Space | 2,26 Gb Free Space | 27,37% Space Free | Partition Type: NTFS Drive D: | 1,51 Gb Total Space | 1,05 Gb Free Space | 69,44% Space Free | Partition Type: NTFS Drive E: | 8,88 Gb Total Space | 2,55 Gb Free Space | 28,75% Space Free | Partition Type: NTFS Drive H: | 4,01 Gb Total Space | 0,60 Gb Free Space | 14,88% Space Free | Partition Type: FAT32 Computer Name: SERWER | User Name: Kamila | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-839522115-113007714-1957994488-1003\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" https [open] -- "C:\Program Files\Opera\Opera.exe" InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\eMule\eMule.exe" = C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation) "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B33F4E9-3FAF-11D7-A88F-FB2613DD5962}" = Odjazdowy Rajd "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite "{7239A06F-235B-43B1-970D-7A411FD95683}" = Nokia Software Updater "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{A0C65E65-5CF2-4C16-8023-950BA678FE15}" = XTNDConnect Blue Manager 3.3 "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition "{AC76BA86-7AD7-1045-7B44-A70500000002}" = Adobe Reader 7.0.5 - Polish "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite "{D0A858BE-A665-4C0D-BC5F-C37E534B7669}" = PC Connectivity Solution "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DE37869C-0935-4309-81F4-BE862585AC9C}" = BitDefender 9 Professional Plus "{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver "0852D05415AB9A4F1EF451E342267F76C776ED2F" = Pakiet sterowników systemu Windows - Nokia Modem (11/03/2006 6.82.0.1) "0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Free Download Manager_is1" = Free Download Manager 2.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Nokia PC Suite" = Nokia PC Suite "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Winamp" = Winamp (remove only) "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = Archiwizator WinRAR "Yahoo! Toolbar" = Yahoo! Toolbar [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-07-27 15:17:54 | Computer Name = SERWER | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2011-07-27 15:17:54 | Computer Name = SERWER | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2011-07-27 15:17:54 | Computer Name = SERWER | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2011-07-27 15:17:54 | Computer Name = SERWER | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2011-07-27 15:17:54 | Computer Name = SERWER | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2011-07-27 15:17:55 | Computer Name = SERWER | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2011-07-27 15:17:55 | Computer Name = SERWER | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2011-07-27 15:17:55 | Computer Name = SERWER | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2011-07-27 15:17:55 | Computer Name = SERWER | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: To połączenie sieciowe nie istnieje. Error - 2011-07-30 04:47:54 | Computer Name = SERWER | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. [ System Events ] Error - 2011-06-21 13:31:43 | Computer Name = SERWER | Source = EL90XBC | ID = 5001 Description = \DEVICE\{50AB887C-30F8-4F0A-A8B0-2D4DD964B87F}: nie można przydzielić zasobów niezbędnych dla operacji. Error - 2011-06-22 05:27:13 | Computer Name = SERWER | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2011-06-22 05:27:15 | Computer Name = SERWER | Source = ACPI | ID = 327685 Description = AMLI: System BIOS ACPI dokonuje próby zapisu do niedozwolonego adresu portu We/Wy (0x70), który znajduje się w chronionym zakresie adresów 0x70 - 0x71. To może prowadzić do niestabilności systemu. Skontaktuj się z dostawcą systemu w celu uzyskania pomocy technicznej. Error - 2011-06-22 05:27:15 | Computer Name = SERWER | Source = ACPI | ID = 327684 Description = AMLI: System BIOS ACPI dokonuje próby odczytu z niedozwolonego adresu portu We/Wy (0x71), który znajduje się w chronionym zakresie adresów 0x70 - 0x71. To może prowadzić do niestabilności systemu. Skontaktuj się z dostawcą systemu w celu uzyskania pomocy technicznej. Error - 2011-06-22 05:27:15 | Computer Name = SERWER | Source = EL90XBC | ID = 5001 Description = \DEVICE\{50AB887C-30F8-4F0A-A8B0-2D4DD964B87F}: nie można przydzielić zasobów niezbędnych dla operacji. Error - 2011-06-22 05:28:07 | Computer Name = SERWER | Source = Windows Update Agent | ID = 16 Description = Nie można nawiązać połączenia: System Windows nie może połączyć się z usługą aktualizacji automatycznych i dlatego nie można pobrać i zainstalować aktualizacji zgodnie z ustalonym harmonogramem. System Windows będzie kontynuował próby ustanowienia połączenia. Error - 2011-06-22 09:15:48 | Computer Name = SERWER | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: %%1058 Error - 2011-06-22 09:15:49 | Computer Name = SERWER | Source = ACPI | ID = 327685 Description = AMLI: System BIOS ACPI dokonuje próby zapisu do niedozwolonego adresu portu We/Wy (0x70), który znajduje się w chronionym zakresie adresów 0x70 - 0x71. To może prowadzić do niestabilności systemu. Skontaktuj się z dostawcą systemu w celu uzyskania pomocy technicznej. Error - 2011-06-22 09:15:49 | Computer Name = SERWER | Source = ACPI | ID = 327684 Description = AMLI: System BIOS ACPI dokonuje próby odczytu z niedozwolonego adresu portu We/Wy (0x71), który znajduje się w chronionym zakresie adresów 0x70 - 0x71. To może prowadzić do niestabilności systemu. Skontaktuj się z dostawcą systemu w celu uzyskania pomocy technicznej. Error - 2011-06-22 09:15:49 | Computer Name = SERWER | Source = EL90XBC | ID = 5001 Description = \DEVICE\{50AB887C-30F8-4F0A-A8B0-2D4DD964B87F}: nie można przydzielić zasobów niezbędnych dla operacji. < End of report >

Dodano Dzisiaj, 18:20:
witam. czy mogę już przystąpić do zmiany haseł?

Dodano Dzisiaj, 13:35:

Dodano Dzisiaj, 10:26:
witam.???

Dodano Dzisiaj, 10:02:
witam. czy mogę już przystąpić do zmiany haseł?

**Posty:** 2183 · przez **NieWiem** 04 Sie 2011, 11:09

Przepraszam za nieobecność.

Pobierz i zainstaluj MBAM:
mirror do pobrania

Podczas instalacji zaznaczone mają być opcje:

Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Wykonaj pełne skanowanie i pokaż raport.

**Posty:** 11 · przez **szymon18022005** 07 Sie 2011, 11:34

witam daja mbam log

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Wersja bazy: 7035 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 2011-08-07 11:08:33 mbam-log-2011-08-07 (11-08-17).txt Typ skanowania: Pełne skanowanie (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Przeskanowano obiektów: 203674 Upłynęło: 1 godzin(y), 42 minut(y), 52 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 15 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 6 Zainfekowanych folderów: 10 Zainfekowanych plików: 8 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken. HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\Software\Sysinternals Antivirus (Rogue.SysinternalsAntivirus) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Fci (Rootkit.Agent) -> No action taken. Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Kamila\Ustawienia lokalne\Dane aplikacji\bgl.exe" -a "C:\Program Files\Intern) Good: (iexplore.exe) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (85.255.116.29) Good: () -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (85.255.112.105) Good: () -> No action taken. Zainfekowanych folderów: c:\program files\funwebproducts (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> No action taken. c:\program files\microsoft common (Trojan.Agent) -> No action taken. c:\program files\mywebsearch (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> No action taken. c:\SYSTEM\s-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> No action taken. Zainfekowanych plików: c:\system volume information\_restore{6204a9c2-7ece-4741-aa9f-4a2826e85167}\RP771\A1138508.dll (Trojan.Agent) -> No action taken. c:\WINDOWS\explorer.exe:userini.exe (Rootkit.ADS) -> No action taken. c:\program files\funwebproducts\screensaver\Images\003B2C9E.urr (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken. c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken. c:\SYSTEM\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> No action taken.

Dodano Dzisiaj, 11:37:
skąd to się nabrało skoro sprawdzam tylko pocztę i syn siedzi trochę na kurniku ???

Kto jest na forum