Skocz do zawartości
piter488

Wirus TROJAN.BHO.KMY.

Przez piter488, w Centrum Bezpieczeństwa

Rekomendowane odpowiedzi

piter488 Newbie

piter488

Opublikowano
Opublikowano

Witam.

Co 2-3godz.net zaczyna się wieszać ,robię reset i jest OK,ale po 2-3godz to samo.Skanowałem Malwarebytes (nic nie wykrył) Dr.Web pokazał 2 infekcje i usunął .Skan Spyware Doctor pokazuje ;zagrożenie wysokie

Trojan.BHO.KMY. plik: C\WINDOWS\SYSTEM32\ctfmon(2).exe

Proszę o pomoc w usunięciu tego Trojana.

 

 

Log z OTL

OTL logfile created on: 2010-03-26 23:51:48 - Run 3

OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Ppp\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1 023,00 Mb Total Physical Memory | 320,00 Mb Available Physical Memory | 31,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 35,15 Gb Total Space | 5,65 Gb Free Space | 16,08% Space Free | Partition Type: NTFS

Drive D: | 39,37 Gb Total Space | 27,62 Gb Free Space | 70,15% Space Free | Partition Type: NTFS

Drive E: | 1,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PPP-01524B0F4EA

Current User Name: Ppp

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 60 Days

Output = Standard

 

========== Processes (All) ==========

 

PRC - [2010-03-26 23:28:02 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ppp\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2010-03-24 13:37:46 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010-01-13 23:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe

PRC - [2009-12-23 17:14:30 | 014,100,888 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe

PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009-11-18 12:47:14 | 001,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe

PRC - [2009-11-13 07:00:39 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe

PRC - [2009-11-10 10:28:08 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

PRC - [2009-11-06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe

PRC - [2009-10-30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe

PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

PRC - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2009-09-25 00:00:00 | 000,138,568 | ---- | M] (WinAbility® Software Corporation) -- C:\Program Files\Folder Guard\FGKey.exe

PRC - [2009-03-11 11:00:54 | 024,095,528 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe

PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe

PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-14 18:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [imgSVC]

PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]

PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

PRC - [2008-04-14 18:21:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe

PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008-04-14 18:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe

PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe

PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe

PRC - [2005-06-06 22:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

PRC - [2005-03-31 10:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe

PRC - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

PRC - [2004-08-25 06:26:56 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe

PRC - [2004-07-14 07:44:40 | 000,585,728 | R--- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe

PRC - [2003-10-31 19:42:40 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

 

 

========== Modules (All) ==========

 

MOD - [2010-03-26 23:28:02 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ppp\Moje dokumenty\Pobieranie\OTL.exe

MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll

MOD - [2009-10-30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll

MOD - [2009-09-25 00:00:00 | 000,112,968 | ---- | M] (WinAbility® Software Corporation) -- C:\Program Files\Folder Guard\FGH32.dll

MOD - [2009-09-09 22:54:58 | 000,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll

MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll

MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll

MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll

MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll

MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll

MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll

MOD - [2008-10-15 17:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll

MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-14 18:20:59 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll

MOD - [2008-04-14 18:20:57 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll

MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll

MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll

MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-14 18:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-14 18:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll

MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll

MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll

MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll

MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime

MOD - [2008-04-14 17:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2000-07-07 17:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

SRV - [2009-11-10 10:28:08 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)

SRV - [2009-11-06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)

SRV - [2009-10-30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)

SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009-11-09 11:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)

DRV - [2009-09-25 00:00:00 | 000,055,376 | ---- | M] (WinAbility® Software Corporation) [Kernel | Auto | Running] -- C:\Program Files\Folder Guard\FGUARD32.sys -- (FGUARD32)

DRV - [2006-09-18 13:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)

DRV - [2006-09-18 13:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)

DRV - [2006-09-18 13:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)

DRV - [2006-09-18 13:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)

DRV - [2006-09-18 13:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)

DRV - [2006-09-18 13:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)

DRV - [2006-09-18 13:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)

DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)

DRV - [2004-08-25 06:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)

DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)

DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = Search Assistant

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Internet Explorer Search

IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Recherche Google

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"

FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Crawler Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.0.20

FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8

FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2

FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1

FF - prefs.js..network.proxy.http: "174.142.24.201"

FF - prefs.js..network.proxy.http_port: 3128

 

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-24 23:34:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-24 13:37:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

 

[2009-03-29 17:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Extensions

[2009-12-28 15:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\9z33mup4.default\extensions

[2010-03-26 17:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions

[2010-02-19 02:19:26 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2009-09-03 05:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010-03-12 09:29:04 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}

[2010-03-03 12:12:16 | 000,000,000 | ---D | M] (oldbar) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}

[2010-03-01 13:03:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010-03-01 13:03:47 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010-03-04 17:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\autopager@mozilla.org

[2010-03-01 13:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\foxyproxy@eric.h.jung

[2009-11-12 19:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\extensions\piclens@cooliris.com

[2010-03-01 18:50:57 | 000,000,905 | ---- | M] () -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\searchplugins\conduit.xml

[2010-02-19 02:21:51 | 000,001,201 | ---- | M] () -- C:\Documents and Settings\Ppp\Dane aplikacji\Mozilla\Firefox\Profiles\oa86d9w8.default\searchplugins\winamp-search.xml

[2010-03-26 19:34:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009-12-02 19:26:25 | 000,000,000 | ---D | M] (QuestService) -- C:\Program Files\Mozilla Firefox\extensions\{F2DDDB92-1605-4260-9B25-45A4DAE87B50}(2)

[2010-02-15 10:59:20 | 000,931,328 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBOARDS.dll

[2009-08-31 13:10:22 | 000,550,400 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll

[2009-08-31 13:10:26 | 000,550,400 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS80.dll

[2009-08-31 13:10:32 | 000,546,304 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS90.dll

[2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2010-03-12 21:25:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-09-21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

[2010-03-12 21:25:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2010-03-12 21:25:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2010-03-12 21:25:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2010-03-12 21:25:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2010-03-12 21:25:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2009-12-28 15:48:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Ppp\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.

O3 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [FG_Monitor] C:\Program Files\Folder Guard\FGKey.exe (WinAbility® Software Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKU\.DEFAULT..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKU\S-1-5-18..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [bitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com)

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Ppp\Moje dokumenty\Moje obrazy\w.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ppp\Moje dokumenty\Moje obrazy\w.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-03-28 17:29:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-12-09 00:31:58 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

========== Files/Folders - Created Within 60 Days ==========

 

[2010-03-26 23:36:05 | 000,000,000 | ---D | C] -- C:\_OTL

[2010-03-26 22:27:56 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2010-03-26 22:27:55 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2010-03-26 22:27:55 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2010-03-26 22:12:26 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010-03-26 22:12:11 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010-03-26 22:12:11 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010-03-26 22:12:02 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2010-03-26 22:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor

[2010-03-26 22:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010-03-26 22:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ppp\Dane aplikacji\PC Tools

[2010-03-26 22:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools

[2010-03-26 20:27:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010-03-13 17:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Webzen

[2010-03-01 17:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2010-03-01 17:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\4shared.com

[2010-02-19 14:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar

[2010-02-19 02:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect

[2010-02-19 02:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar

[2010-02-19 02:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar

[2010-02-19 02:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp

[2010-02-19 02:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ppp\Dane aplikacji\Winamp

[2010-02-17 00:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast

[2009-12-28 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe

[2009-12-28 16:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-12-28 16:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Threat Expert

[2009-12-25 23:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla

[2009-12-25 23:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla

[2009-08-19 06:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-03-28 17:41:36 | 000,151,552 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll

[2009-03-28 17:29:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2009-03-28 17:29:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

 

========== Files - Modified Within 60 Days ==========

 

[2010-03-26 23:02:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-03-26 23:02:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-03-26 22:12:08 | 000,001,655 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk

[2010-03-26 21:38:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-03-26 21:15:59 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Ppp\ntuser.dat

[2010-03-26 21:15:59 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Ppp\ntuser.ini

[2010-03-26 07:21:13 | 001,580,032 | -H-- | M] () -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-03-26 07:21:04 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat

[2010-03-22 04:21:57 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-03-10 09:46:02 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini

[2010-03-07 12:35:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-03-05 14:44:51 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

[2010-02-24 16:07:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010-02-19 02:19:31 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk

[2010-02-03 17:59:47 | 000,000,492 | ---- | M] () -- C:\Documents and Settings\Ppp\Pulpit\Skrót do Game.lnk

[2010-02-03 17:51:54 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Ppp\Pulpit\Skrót do motogp.lnk

[2010-01-31 13:40:49 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI

 

========== Files Created - No Company Name ==========

 

[2010-03-26 22:27:57 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2010-03-26 22:27:56 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2010-03-26 22:27:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2010-03-26 22:27:56 | 000,000,880 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2010-03-26 22:27:56 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2010-03-26 22:12:26 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010-03-26 22:12:11 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010-03-26 22:12:11 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010-03-26 22:12:08 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spyware Doctor.lnk

[2010-03-26 22:12:03 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat

[2010-03-05 14:44:51 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

[2010-02-19 02:19:31 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk

[2010-02-03 17:58:19 | 000,000,492 | ---- | C] () -- C:\Documents and Settings\Ppp\Pulpit\Skrót do Game.lnk

[2010-02-03 17:51:54 | 000,000,412 | ---- | C] () -- C:\Documents and Settings\Ppp\Pulpit\Skrót do motogp.lnk

[2010-01-31 13:40:47 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2009-12-25 22:44:36 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old

[2009-12-10 10:20:48 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini

[2009-12-05 18:53:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini

[2009-12-03 09:08:54 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-11-26 17:43:41 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini

[2009-05-05 20:06:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI

[2009-03-29 19:07:36 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-03-29 15:04:39 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll

[2009-03-29 15:02:53 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll

[2009-03-29 15:02:45 | 000,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll

[2009-03-29 15:02:39 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll

[2009-03-29 15:02:35 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll

[2009-03-29 15:02:30 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll

[2009-03-29 15:02:26 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll

[2009-03-29 15:02:19 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll

[2009-03-29 15:02:15 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll

[2009-03-29 15:02:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll

[2009-03-29 15:01:40 | 001,388,966 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll

[2009-03-29 15:01:20 | 000,557,451 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll

[2009-03-29 15:01:11 | 000,145,081 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll

[2009-03-29 15:01:04 | 004,421,889 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll

[2009-03-29 15:00:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll

[2009-03-29 15:00:27 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll

[2009-03-29 15:00:24 | 000,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll

[2009-03-29 15:00:18 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll

[2009-03-29 15:00:10 | 000,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll

[2009-03-29 15:00:06 | 000,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll

[2009-03-29 15:00:01 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll

[2009-03-29 14:59:50 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll

[2009-03-29 14:52:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009-03-28 17:53:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-03-28 17:51:03 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll

[2009-03-28 17:51:03 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll

[2009-03-28 17:51:03 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll

[2009-03-28 17:51:03 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll

[2009-03-28 17:51:03 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009-03-28 17:51:03 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-03-28 17:51:03 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll

[2009-03-28 17:51:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

[2009-03-28 17:51:01 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2009-03-28 17:47:54 | 000,001,351 | ---- | C] () -- C:\WINDOWS\wincmd.ini

[2009-03-28 17:45:24 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Ppp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[2009-03-28 17:40:42 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys

[2009-03-28 17:38:17 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini

[2009-03-28 17:38:13 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2007-06-19 07:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll

[2007-04-20 06:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2007-04-20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2004-08-25 06:27:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2004-08-25 06:27:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(4).dll

[2004-08-25 06:27:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(3).dll

[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

 

========== LOP Check ==========

 

[2009-03-31 23:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2009-12-09 23:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Folder Guard

[2009-12-28 01:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla

[2009-04-27 16:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Mistrz Klawiatury II Data

[2009-08-19 06:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-05-05 20:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca

[2010-03-26 23:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-04-24 12:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru(2)

[2010-03-26 23:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\BitTorrent

[2009-03-29 13:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\CometNetwork

[2010-03-26 23:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\DNA

[2009-04-01 10:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\ESET

[2009-11-12 19:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Expressivo(2)

[2009-05-28 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Gadu-Gadu

[2009-10-18 20:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\GanymedeNet

[2010-03-26 23:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\ipla

[2009-05-06 07:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Leadertech

[2009-06-14 13:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Nowe Gadu-Gadu

[2009-08-19 06:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\OpenFM

[2009-05-02 13:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Simple Sudoku

[2009-06-08 17:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\SlipStream

[2009-05-06 06:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Teleca

[2009-12-08 00:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\Thinstall

[2009-03-29 16:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\TigerPlayer

[2009-07-28 20:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ppp\Dane aplikacji\uTorrent

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemdrive%\*.* >

[2009-03-28 17:29:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009-03-28 17:24:03 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2009-12-27 18:40:01 | 000,000,281 | RHS- | M] () -- C:\boot.ini

[2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr

[2009-03-28 17:29:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010-02-03 17:42:29 | 000,000,157 | ---- | M] () -- C:\error.txt

[2009-03-28 17:29:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010-03-25 23:40:18 | 000,052,994 | ---- | M] () -- C:\mksbasel.cpp.log

[2009-03-28 17:29:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008-09-04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\npbittorrent.dll

[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2009-04-05 06:06:51 | 000,251,152 | RHS- | M] () -- C:\ntldr

[2010-03-26 23:02:36 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

[2009-06-01 22:38:56 | 000,014,179 | ---- | M] () -- C:\Walled In.DVDRip.Xvid.TFE.avi[1]

 

 

< MD5 for: AGP440.SYS >

[2009-04-05 06:01:44 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:agp440.sys

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys

[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys

[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2009-04-05 06:01:44 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

 

< MD5 for: BEEP.SYS >

[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys

[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys

[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

 

< MD5 for: CDROM.SYS >

[2009-04-05 06:01:44 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2009-04-28 03:59:35 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

 

< MD5 for: EVENTLOG.DLL >

[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll

[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: NDIS.SYS >

[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys

[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

 

< MD5 for: WINLOGON.EXE >

[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe

[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8

< End of report >

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
ULLISSES Enthusiast

ULLISSES

Opublikowano
Opublikowano

1. Odinstaluj Avast.

2. Odłącz dysk, zanieś do kumpla, zainstaluj u niego Avira Antivir, podłacz dysk, przeskanuj i po zabawie.

3. Ewentualnie możesz próbować instalować u siebie. Jak normalnie będzie robił problemy, to spróbuj w trybie awaryjnym.

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
Kolobos Newbie

Kolobos

Opublikowano
Opublikowano

Odinstaluj lub wylacz btdna:

PRC - [2009-11-13 07:00:39 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe

 

Odinstaluj tez: Winamp Toolbar, 4shared.com, Conduit

 

Uzyj JavaRa i przy jego pomocy pobierz najnowsza wersje javy i usun wszystkie poprzednie.

 

Do kasacji:

C:\Program Files\Conduit

c:\Documents and Settings\All Users\Dane aplikacji\Wru(2)

 

Wklej to do OTL i nacisnij Run Fix:

 

:OTL

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = Search Assistant

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Internet Explorer Search

IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Recherche Google

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

IE - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"

FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Crawler Search"

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.

O3 - HKU\S-1-5-21-789336058-1177238915-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O4 - HKU\S-1-5-21-789336058-1177238915-725345543-1003..\Run: [bitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach

Dołącz do dyskusji

Możesz dodać zawartość już teraz a zarejestrować się później. Jeśli posiadasz już konto, zaloguj się aby dodać zawartość za jego pomocą.

Gość
Dodaj odpowiedź do tematu...

×   Wklejono zawartość z formatowaniem.   Przywróć formatowanie

  Dozwolonych jest tylko 75 emoji.

×   Odnośnik został automatycznie osadzony.   Przywróć wyświetlanie jako odnośnik

×   Przywrócono poprzednią zawartość.   Wyczyść edytor

×   Nie możesz bezpośrednio wkleić grafiki. Dodaj lub załącz grafiki z adresu URL.

Ładowanie
×
Tematy
×
×
  • Dodaj nową pozycję...