borozu

Request to check ComboFix and OTL logs


Hello, I recently got my PC infected from a friend's digital camera (unintentionally). There were about 4 worms, which I removed; the only problematic one was PSW.Onlinegames.NNU and its variants, but in the end I dealt with those too. However, the PC is now terribly slow and the disk is working all the time; something is simply not right. A format doesn't really suit me right now, and I would rather remove the infections, if there are any. Here are the logs:

 

Let me say this up front: I don't know why CF detects midimap.dll as infected. I checked it with a few scanners and none of them reports anything.

ComboFix 10-03-11.05 - User 2010-03-13   8:56.1.2 - x86Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.2047.1732 [GMT 1:00]Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe * Rezydentny antywirus jest aktywnyUWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\msconfig.exec:\windows\system32\midimap.dll . . . jest zainfekowany!!.(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_NPF(((((((((((((((((((((((((   Pliki utworzone od 2010-02-13 do 2010-03-13  ))))))))))))))))))))))))))))))).2010-03-13 08:00 . 2010-03-13 08:00	--------	d-----w-	c:\windows\system32\xircom2010-03-13 08:00 . 2010-03-13 08:00	--------	d-----w-	c:\windows\system32\wbem\snmp2010-03-13 08:00 . 2010-03-13 08:00	--------	d-----w-	c:\windows\system32\oobe2010-03-13 08:00 . 2010-03-13 08:00	--------	d-----w-	c:\windows\srchasst2010-03-01 22:24 . 1998-10-07 11:54	327168	----a-w-	c:\windows\IsUn0415.exe2010-02-28 18:19 . 2010-02-28 18:19	--------	d--h--w-	c:\windows\PIF2010-02-26 19:37 . 2010-02-26 19:40	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\Ubisoft2010-02-26 19:31 . 2009-03-09 14:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll2010-02-26 19:31 . 2009-03-09 14:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll2010-02-26 19:31 . 2009-03-09 14:27	4178264	----a-w-	c:\windows\system32\D3DX9_41.dll2010-02-26 19:31 . 2009-03-16 13:18	69448	----a-w-	c:\windows\system32\XAPOFX1_3.dll2010-02-26 19:31 . 2009-03-16 13:18	517448	----a-w-	c:\windows\system32\XAudio2_4.dll2010-02-26 19:31 . 2009-03-16 13:18	235352	----a-w-	c:\windows\system32\xactengine3_4.dll2010-02-26 19:31 . 2009-03-16 13:18	22360	----a-w-	c:\windows\system32\X3DAudio1_6.dll2010-02-22 07:41 . 
2004-07-09 03:26	47104	----a-w-	c:\windows\system32\dllcache\wstdecod.dll2010-02-22 07:41 . 2004-07-09 03:26	18688	----a-w-	c:\windows\system32\drivers\wstcodec.sys2010-02-21 22:18 . 2008-06-16 13:28	26624	----a-w-	c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll2010-02-17 00:11 . 2010-02-17 00:11	76600	----a-w-	c:\windows\system32\dk2cp32.dll2010-02-17 00:11 . 2010-02-17 00:11	49720	----a-w-	c:\windows\system32\drivers\dk2drv.sys2010-02-17 00:11 . 2010-02-17 00:11	30520	----a-w-	c:\windows\system32\DK2UInst.exe2010-02-17 00:11 . 2010-02-17 00:11	24488	----a-w-	c:\windows\system32\dk2vdd.dll2010-02-17 00:11 . 2010-02-17 00:11	18360	----a-w-	c:\windows\system32\drivers\DK2USB.sys2010-02-12 14:58 . 2010-02-12 14:58	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\Malwarebytes2010-02-12 14:58 . 2010-01-07 15:07	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys2010-02-12 14:58 . 2010-02-12 14:58	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Malwarebytes2010-02-12 14:58 . 2010-01-07 15:07	19160	----a-w-	c:\windows\system32\drivers\mbam.sys2010-02-12 14:58 . 2010-02-12 14:58	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware2010-02-12 07:21 . 2006-08-29 14:56	32377	----a-w-	c:\windows\system32\drivers\prodigy.sys2010-02-12 07:21 . 2010-02-12 09:54	--------	d-----w-	c:\program files\NSS2010-02-12 07:18 . 2008-04-13 19:15	26112	----a-w-	c:\windows\system32\drivers\usbser.sys2010-02-12 07:18 . 2008-03-21 12:57	14640	------w-	c:\windows\system32\spmsgXP_2k3.dll2010-02-12 07:15 . 2010-02-12 07:15	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Nokia2010-02-12 07:15 . 2010-02-17 00:08	--------	dc----w-	c:\windows\system32\DRVSTORE2010-02-12 07:15 . 2009-10-06 10:52	91136	----a-w-	c:\windows\system32\nmwcdcls.dll2010-02-12 07:14 . 2010-02-17 00:09	--------	d-----w-	c:\program files\Nokia2010-02-12 07:14 . 
2010-02-12 07:14	--------	d-----w-	c:\program files\Common Files\Nokia2010-02-12 07:14 . 2010-02-12 07:13	24566576	----a-w-	c:\documents and settings\All Users\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_pl.exe2010-02-12 07:13 . 2010-02-12 07:13	3351812	----a-w-	c:\documents and settings\All Users\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe2010-02-12 07:13 . 2010-02-12 07:13	36864	----a-w-	c:\documents and settings\All Users\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe2010-02-12 07:13 . 2010-02-12 07:13	3203453	----a-w-	c:\documents and settings\All Users\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe2010-02-12 07:13 . 2010-02-12 07:13	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Installations.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-03-13 08:00 . 2010-03-13 08:00	--------	d-----w-	c:\program files\microsoft frontpage2010-03-13 07:53 . 2010-01-24 11:38	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\uTorrent2010-03-10 15:14 . 2009-12-20 12:35	--------	d-----w-	c:\program files\XnView2010-03-10 08:05 . 2009-11-17 13:38	--------	d-----w-	c:\program files\ApexDC++2010-03-10 06:42 . 2009-11-17 03:41	--------	d-----w-	c:\program files\Eset2010-03-01 19:22 . 2010-01-31 13:17	--------	d-----w-	c:\program files\DivxToDVD2010-02-26 19:32 . 2009-11-17 03:38	--------	d--h--w-	c:\program files\InstallShield Installation Information2010-02-19 05:30 . 2009-12-11 19:43	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\Skype2010-02-19 05:29 . 2009-12-11 19:56	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\skypePM2010-02-17 16:56 . 
2009-11-17 03:39	--------	d-----w-	c:\program files\Common Files\InstallShield2010-02-12 09:05 . 2010-02-12 09:05	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf2010-02-12 07:20 . 2008-06-16 13:28	47898	----a-w-	c:\windows\system32\perfc015.dat2010-02-12 07:20 . 2008-06-16 13:28	352770	----a-w-	c:\windows\system32\perfh015.dat2010-02-12 07:18 . 2010-02-12 07:18	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf2010-02-12 07:18 . 2010-02-12 07:18	0	---ha-w-	c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf2010-02-09 15:39 . 2010-02-09 15:39	--------	d-----w-	c:\program files\MIKSOFT2010-02-07 04:14 . 2010-02-07 04:14	--------	d-----w-	c:\program files\SE Image Tool2010-02-06 08:39 . 2010-02-06 08:39	--------	d-----w-	c:\documents and settings\User\Dane aplikacji\Auslogics2010-02-02 18:17 . 2010-02-02 18:17	--------	d-----w-	c:\program files\ReflexiveArcade2010-01-12 04:03 . 2010-02-02 17:49	6359168	----a-w-	c:\windows\system32\nv4_disp.dll2010-01-12 04:03 . 2010-02-02 17:49	2283526	----a-w-	c:\windows\system32\nvdata.bin2010-01-12 04:03 . 2009-11-17 03:40	592488	----a-w-	c:\windows\system32\nvudisp.exe2010-01-11 10:09 . 2009-11-17 03:40	1324	----a-w-	c:\windows\system32\d3d9caps.dat2009-12-28 10:29 . 2009-12-28 10:29	411368	----a-w-	c:\windows\system32\deploytk.dll2009-12-28 10:29 . 2009-12-28 10:29	152576	----a-w-	c:\documents and settings\User\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll2009-12-28 10:28 . 2009-12-28 10:28	79488	----a-w-	c:\documents and settings\User\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll.------- Sigcheck -------[-] 2008-06-16 . 030DC4D48CC2B894FEE2F390D8E66AD5 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys[-] 2008-06-16 . 335813EACD16E84F3047A3326F6E5473 . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe[-] 2008-06-16 . 37ED43F3DEC4400586554D61C3129478 . 112128 . . [5.4.3790.5512] . . c:\windows\system32\wuauclt.exe[-] 2008-06-16 . 
7F059A93D251284A8BC758327ECD3D69 . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll[-] 2008-07-07 . 04404B7F25984558AD3390BF84C4EB95 . 2153472 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe[-] 2007-07-11 . CE594E18FE0D0AF804F1F3694921CE62 . 642560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll[-] 2008-06-27 . 4EC7ED41D95D18B3CD1A2BD9DFEFB591 . 1424896 . . [6.00.2900.5512] . . c:\windows\explorer.exe[-] 2008-06-16 . C8BDAD4065118558B3DC360FC96D81DB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll[-] 2008-07-19 . 2BC05E243B86AA8E569EE3C5D8B3C424 . 2032128 . . [5.1.2600.5512] . . c:\windows\system32\ntkrnlpa.exec:\windows\System32\wscntfy.exe ...  - brak elementu !!c:\windows\System32\ctfmon.exe ...  - brak elementu !!c:\windows\System32\regsvc.dll ...  - brak elementu !!.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2004-02-27 745472]"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-24 289584][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RTHDCPL"="RTHDCPL.EXE" [2009-07-20 18670592]"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-11-17 949376]"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2006-02-17 163840]"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-09-14 157592]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-28 149280]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_2"="shell32" [X]"nltide_3"="advpack.dll" [2008-06-16 124928]c:\documents and settings\All Users\Menu Start\Programy\Autostart\TSS Instrument API 
Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-7 77824][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"DisableStatusMessages"= 1 (0x1)[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]"NoSMMyPictures"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)"NoResolveTrack"= 1 (0x1)[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]"NoSMHelp"= 1 (0x1)"NoSMMyPictures"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)"NoResolveTrack"= 1 (0x1)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver"[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Gadu-Gadu\\gg.exe"="c:\\Program Files\\ApexDC++\\ApexDC.exe"="e:\\Burnout\\BurnoutLauncher.exe"="e:\\Burnout\\BurnoutConfigTool.exe"="e:\\Burnout\\BurnoutParadise.exe"="c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="e:\\brood\\starcraft.exe"="c:\\Program Files\\uTorrent\\uTorrent.exe"="c:\\WINDOWS\\system32\\dpvsetup.exe"="e:\\CABAL Online (Europe)\\launcher\\update\\ESTdnheadless.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"=R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-11-17 685816]R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2010-02-17 49720]R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-11-17 15424]R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2010-02-12 33404]R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2010-02-12 14272]R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2010-02-12 16314]R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2010-02-12 8344]R2 
FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2010-02-12 35226]R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2010-02-12 10454]S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-17 1684736]S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-10-11 13352]S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2010-02-12 32377]S3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [2009-11-28 185344]--- Inne Usługi/Sterowniki w Pamięci ---*NewlyCreated* - HELPSVC..------- Skan uzupełniający -------.uStart Page = about:blankuInternet Connection Wizard,ShellNext = hxxp://www.apexdc.net/releasenotes/1.2.2/IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000LSP: imon.dllFF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\gn0ef9df.default\FF - prefs.js: browser.startup.homepage - google.plFF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll---- FIREFOX - SPOSÓB POSTĘPOWANIA ----c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program 
files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files\Mozilla 
Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);.- - - - USUNIĘTO PUSTE WPISY - - - -HKLM-Run-nwiz - nwiz.exeAddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url=http://www.gmer.net]GMER - Rootkit Detector and Remover[/url]Rootkit scan 2010-03-13 09:01Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  
skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [url=http://www.gmer.net]GMER - Rootkit Detector and Remover[/url]device: opened successfullyuser: MBR read successfullycalled modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x89BBB8AC]<< kernel: MBR read successfullydetected MBR rootkit hooks:\Driver\Disk -> CLASSPNP.SYS @ 0xf764bf28\Driver\ACPI -> ACPI.sys @ 0xf74abcb8\Driver\atapi -> atapi.sys @ 0xf7833b40IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686 ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686 ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9NDIS: Realtek PCIe GBE Family Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7a20bb0 PacketIndicateHandler -> NDIS.sys @ 0xf7a2da21 SendHandler -> NDIS.sys @ 0xf7a0b87buser & kernel MBR OK **************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]"ImagePath"="c:\windows\system32\GameMon.des -service".--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(772)c:\windows\system32\sfc_os.dllc:\windows\system32\cscui.dll- - - - - - - > 'lsass.exe'(828)c:\windows\system32\scecli.dllc:\windows\system32\imon.dllc:\program files\Eset\pr_imon.dll- - - - - - - > 'explorer.exe'(408)c:\windows\system32\SHDOCVW.dllc:\windows\system32\COMRes.dllc:\windows\System32\cscui.dllc:\windows\system32\LINKINFO.dllc:\windows\system32\ntshrui.dllc:\program 
files\Gadu-Gadu\ggwhook.dllc:\windows\system32\wpdshext.dllc:\windows\system32\portabledeviceapi.dllc:\windows\system32\audiodev.dllc:\windows\system32\WMVCore.DLLc:\windows\system32\WMASF.DLLc:\windows\system32\msi.dllc:\windows\system32\wpdshserviceobj.dllc:\windows\system32\portabledevicetypes.dllc:\windows\system32\NETSHELL.dllc:\windows\system32\credui.dllc:\windows\system32\MSVCP60.dll.------------------------ Pozostałe uruchomione procesy ------------------------.c:\windows\system32\nvsvc32.exec:\windows\RTHDCPL.EXEc:\program files\Java\jre6\bin\jqs.exec:\program files\Common Files\Nokia\Tss\Instrument API\bin\root.exec:\program files\Eset\nod32krn.exe.**************************************************************************.Czas ukończenia: 2010-03-13  09:03:41 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt  2010-03-13 08:03Przed: 83 324 084 224 bajtów wolnychPo: 85 386 694 656 bajtów wolnych- - End Of File - - B9DDC1451B6D8194BC525B9F5DF06D0E

 

OTL:

 

OTL logfile created on: 2010-03-13 08:39:25 - Run 1OTL by OldTimer - Version 3.1.37.0     Folder = C:\Documents and Settings\User\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 7.0.5730.11)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 98,64 Gb Total Space | 73,83 Gb Free Space | 74,86% Space Free | Partition Type: NTFSDrive D: | 342,77 Gb Total Space | 42,45 Gb Free Space | 12,38% Space Free | Partition Type: NTFSDrive E: | 154,76 Gb Total Space | 129,16 Gb Free Space | 83,46% Space Free | Partition Type: NTFSDrive F: | 1,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFSG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: HUSKYCurrent User Name: UserLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-03-12 17:54:13 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2010-03-12 13:35:07 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exePRC - [2010-01-24 12:38:40 | 000,289,584 | ---- | M] (BitTorrent, Inc.) 
-- C:\Program Files\uTorrent\uTorrent.exePRC - [2009-11-17 04:51:07 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exePRC - [2009-11-17 04:51:07 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exePRC - [2008-06-27 16:36:58 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2007-12-07 16:55:08 | 000,380,928 | ---- | M] () -- C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exePRC - [2006-09-14 21:09:07 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exePRC - [2006-02-17 17:14:22 | 000,163,840 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exePRC - [2004-02-27 11:03:26 | 000,745,472 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe  [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-03-12 13:35:07 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exeMOD - [2004-08-24 14:43:52 | 000,036,864 | ---- | M] (A4Tech Co., Ltd.) -- C:\WINDOWS\system32\Amhooker.dllMOD - [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll  [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] --  -- (ALG)SRV - [2009-11-17 04:51:07 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)SRV - [2009-11-17 02:12:00 | 003,596,060 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)  [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-17 01:11:42 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dk2drv.sys -- (dk2drv)DRV - [2010-02-12 08:49:28 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parldr2k.sys -- (PARLDR2K)DRV - [2010-02-12 08:49:20 | 000,035,226 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsvcom.sys -- (FLSVCOM)DRV - [2010-02-12 08:49:20 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flspar.sys -- (FLSPAR)DRV - [2010-02-12 08:49:20 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsser.sys -- (FLSSER)DRV - [2010-02-12 08:49:19 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fle5wnnt.sys -- (FLE5WNNT)DRV - [2010-02-12 08:49:19 | 000,014,272 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsiface.sys -- (FLSIFACE)DRV - [2010-01-12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)DRV - [2009-12-11 18:00:41 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)DRV - [2009-11-17 04:51:07 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)DRV - [2009-11-17 04:51:07 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)DRV - [2009-11-12 22:42:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)DRV - [2009-07-20 18:08:26 | 005,795,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)DRV - [2009-06-05 14:16:32 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)DRV - [2008-08-05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)DRV - [2008-06-16 14:28:36 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)DRV - [2007-09-25 15:37:50 | 000,020,520 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)DRV - [2007-09-25 15:37:48 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)DRV - [2006-08-29 15:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY)DRV - [2006-05-09 16:26:06 | 000,013,312 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)DRV - [2006-01-11 14:33:32 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)DRV - [2006-01-04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)DRV - [2005-06-13 09:08:36 | 000,085,664 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)DRV - [2005-06-13 09:06:58 | 000,087,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)DRV - [2005-06-13 09:05:16 | 000,096,224 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)DRV - [2005-06-13 09:05:08 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)DRV - [2005-06-13 09:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)DRV - [2005-02-11 09:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)DRV - [2005-02-11 09:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)DRV - [2005-02-11 09:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)DRV - [2005-02-11 09:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)DRV - [2005-02-11 09:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)DRV - [2004-10-07 15:37:16 | 000,185,344 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8180.sys -- (rtl8180) Realtek RTL8180 Wireless LAN (Mini-)DRV - [2004-08-12 17:45:54 | 000,137,728 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- 
Finally, I'll mention one odd thing: this morning I wanted to run a scan with the NOD32 antivirus when I realized that there are no modules or filters (AMON, EMON, NOD32 and the rest); they simply disappeared as if something had eaten them 8O

 


NOD went back to working properly after I restarted the computer, and the computer also stopped being sluggish. Every now and then I run various scanners to make 100% sure that I got rid of all the viruses.
